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intended for modelling the states of computations in which dynamic data 
structures are involved. We present a simple model of computation in 
which states of computations are modelled as data linkages and state 
changes take place by means of certain actions. We describe the state 
changes and replies that result from performing those actions by means 
of a term rewriting system with rule priorities. The model in question is 
an upgrade of molecular dynamics. The upgrading is mainly concerned 
with the features to deal with values and the features to reclaim garbage. 
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1 Introduction 

With the current paper, we carry on the line of research with which a start was 
made in [5]. The object pursued with that line of research is the development of a 
theoretical understanding of possible forms of sequential programs, starting from 
the simplest form of sequential programs, and associated ways of programming. 
The view is taken that sequential programs in the simplest form are sequences of 
instructions. PGA (ProGram Algebra), an algebra in which programs are looked 
upon as sequences of instructions, is taken for the basis of the development aimed 
at. The work presented in the current paper is primarily concerned with the use 
of dynamic data structures in programming. 

We introduce an algebra, called data linkage algebra, of which the elements 
are intended for modelling the states of computations in which dynamic data 
structures are involved. We also present a simple model of computation, called 
data linkage dynamics, in which states of computations are modelled as elements 
of data linkage algebra and state changes take place by means of certain actions. 
We describe the state changes and replies that result from performing those 
actions by means of a term rewriting system with rule priorities [1]. 

* This research was partly carried out in the framework of the Jacquard-project Sym- 
biosis, which is funded by the Netherlands Organisation for Scientific Research 
(NWO). 



Data linkage dynamics is an upgrade of molecular dynamics. The latter model 
has been developed in the setting of PGA and was first described in [2]. The name 
molecular dynamics refers to the molecule metaphor used to explain the model. 
By that, there is no clue in the name itself to what it stands for. To remedy this 
defect, the upgrade has been renamed to data linkage dynamics. The upgrading 
is mainly concerned with the features to deal with values and the features to 
reclaim garbage. In data linkage dynamics, calculations in a non-trivial finite 
meadow [14,15,11], such as a finite field with zero-totalized division, can be 
done. The features to reclaim garbage include: full garbage collection, restricted 
garbage collection (as if reference counts are used), safe disposal of potential 
garbage, and unsafe disposal of potential garbage. 

Term rewriting systems take an important place in theoretical computer sci- 
ence. Moreover, because term rewriting is a practical mechanism for doing calcu- 
lations, term rewriting systems have many applications in software engineering. 
Term rewriting systems with rule priorities, also called priority rewrite systems, 
were first proposed in [1]. Further studies of priority rewrite systems can, for 
example, be found in [26,29,27]. The rule priorities add expressive power: the 
reduction relation of a priority rewrite system is not decidable in general. It 
happens that it is quite convenient to describe the state changes and replies 
that result from performing the actions of data linkage dynamics by means of a 
priority rewrite system. Moreover, the priority rewrite system in question turns 
out computationally unproblematic: its reduction relation is decidable. 

In the line of research carried on, the view is taken that the behaviours ex- 
hibited by sequential programs on execution are threads as considered in basic 
thread algebra. 1 A thread proceeds by performing actions in a sequential fash- 
ion. A thread may perform certain actions for the purpose of interacting with 
some service provided by an execution environment. When processing an action 
performed by a thread, a service affects that thread by returning a reply value 
to the thread at completion of the processing of the action. In the setting of 
basic thread algebra, the use mechanism is introduced in [7] to allow for this 
kind of interaction. The state changes and replies that result from performing 
the actions of data linkage dynamics can be achieved by means of services. In 
the current paper, we also explain how basic thread algebra can be combined 
with data linkage dynamics by means of the use mechanism such that the whole 
can be used for studying issues concerning the use of dynamic data structures 
in programming. 

In [8], a description of the state changes and replies that result from per- 
forming the actions of molecular dynamics was given in the world of sets. In the 
current paper, we relate this description to the description based on data linkage 
algebra by widening the former to a description for data linkage dynamics and 
showing that the widened description agrees with the description based on data 
linkage algebra. 

1 In [5], basic thread algebra is introduced under the name basic polarized process 
algebra. Prompted by the development of thread algebra [7], which is a design on 
top of it, basic polarized process algebra has been renamed to basic thread algebra. 
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This paper is organized as follows. First, we introduce data linkage algebra 
(Section 2). Next, we present data linkage dynamics (Sections 3, 4, and 5). After 
that, we review basic thread algebra and the use mechanism (Sections 6 and 7). 
Then, we explain how basic thread algebra can be combined with data linkage 
dynamics by means of the use mechanism (Section 8). Following this, we give the 
alternative description of data linkage dynamics in the world of sets (Sections 9, 
10, and 11). Finally, we make some concluding remarks (Section 12). 

Some familiarity with term rewriting systems is assumed. The desirable back- 
ground can, for example, be found in [17,22,23]. 

2 Data Linkage Algebra 

In this section, we introduce the algebraic theory DLA (Data Linkage Algebra). 

The elements of the initial algebra of DLA can serve for the states of com- 
putations in which dynamic data structures are involved. These states resemble 
collections of molecules composed of atoms. An atom can have fields and each 
of those fields can contain an atom. An atom together with the ones it has links 
to via fields can be viewed as a sub-molecule, and a sub-molecule that is not 
contained in a larger sub-molecule can be viewed as a molecule. Thus, the col- 
lection of molecules that make up a state can be viewed as a fluid. To make 
atoms reachable, there are spots and each spot can contain an atom. 

Disengaging from the molecule metaphor, atoms will henceforth be called 
atomic objects. Moreover, sub-molecules, molecules and fluids will henceforth 
not be distinguished and commonly be called data linkages. 

In DLA, it is assumed that a fixed but arbitrary finite set Spot of spots, a 
fixed but arbitrary finite set Field of fields, a fixed but arbitrary finite set AtObj 
of atomic objects, and a fixed but arbitrary finite set Value of values have been 
given. 

DLA has one sort: the sort DL of data linkages. To build terms of sort DL, 
BTA has the following constants and operators: 

— for each s € Spot and a € AtObj, the spot link constant A a : DL; 

— for each a G AtObj and / e Field, the partial field link constant a — > : DL; 

— for each a, b e AtObj and / e Field, the field link constant a — > b : DL; 

— for each a 6 AtObj and n € Value, the value association constant (a) n : DL; 

— the empty data linkage constant : DL; 

— the binary data linkage combination operator © : DL x DL — > DL; 

— the binary data linkage overriding combination operator ffi':DLxDL — > DL. 

Terms of sort DL are built as usual. Throughout the paper, we assume that 
there are infinitely many variables of sort DL, including X, Y , Z. We use infix 
notation for data linkage combination and data linkage overriding combination. 

Let L and L' be closed DLA terms. Then the constants and operators of 
DLA can be explained as follows: 

— A a is the atomic data linkage that consists of a link via spot s to atomic 
object a; 
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- a is the atomic data linkage that consists of a partial link from atomic 

object a via field /; 
t 

- a — > b is the atomic data linkage that consists of a link from atomic object a 
via field / to atomic object b; 

- (a) n is the atomic data linkage that consists of an association of the value n 
with atomic object a; 

- is the data linkage that does not contain any atomic data linkage; 

- L (B V is the union of the data linkages L and L'; 

- L ©' V differs from LffiL'as follows: 

• if L contains spot links via spot s and L' contains spot links via spot s, 
then the former links are overridden by the latter ones; 

• if L contains partial field links and/or field links from atomic object a via 
field / and L' contains partial field links and/or field links from atomic 
object a via field /, then the former partial field links and/or field links 
are overridden by the latter ones; 

• if L contains value associations with atomic object a and L' contains 
value associations with atomic object a, then the former value associa- 
tions are overridden by the latter ones. 

Following the introduction of DLA, we will present a simple model of compu- 
tation that bears on the use of dynamic data structures in programming. DLA 
provides a notation that enables us to get a clear picture of computations in the 
context of that model. 

The axioms of DLA are given in Table 1. In this table, s and t stand for 
arbitrary spots from Spot, / and g stand for arbitrary fields from Field, a, b, c 
and d stand for arbitrary atomic objects from AtObj, and n and m stand for 
arbitrary values from Value. 

All closed DLA terms are derivably equal to basic terms over DLA, i.e. closed 
DLA terms in which the data linkage overriding operator does not occur. 

The set B of basic terms over DLA is inductively defined by the following 
rules: 

- %EB: 

- if s € Spot and a E AtObj, then a E B; 

- if a E AtObj and / 6 Field, then a-^> eB\ 

- it a, be AtObj and / 6 Field, then a b E B; 

- if a E AtObj and n E Value, then (a) n E B; 

- if Li, L 2 E B, then LiQ)L 2 E B. 

Theorem 1 (Elimination). For all closed DLA terms L, there exists a basic 
term L' E B such that L = L' is derivable from the axioms o/DLA. 

Proof. This is easily proved by induction on the structure of L. In the case where 
L = L\ ©' L 2 , we use the fact that for all basic terms L' X ,L' 2 E B, there exists 
a basic term L" E B such that L[ ©' L' 2 = L" is derivable from the axioms of 
DLA. This is easily proved by induction on the structure of L' 2 . □ 
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Table 1. Axioms of DLA 
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We are only interested in the initial model of DLA. We write VC for the set 
of all elements of the initial model of DLA. 

VC consists of the equivalence classes of basic terms over DLA with respect 
to the equivalence induced by the axioms of DLA. In other words, modulo equiv- 
alence, B is VC. Henceforth, we will identify basic terms over DLA and their 
equivalence classes. 

A data linkage L G VC is non- deterministic if at least one of the following 
holds: 

- L © (A a) = L © (A b) for some s G Spot and a, b G AtObj with a ^ b; 
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— L © (a -4 b) = L © (a -4 c) for some / G Field and a, 6, c G AtObj with b ^ c\ 

— L © (a ^> 6) = L © (a -A) for some / G Field and a, b G AtObj; 

— L © (a)„ = i © (a) m for some a G AtObj and n, m G Value with n ^ m. 

A data linkage L G X>£ is deterministic if it is not non-deterministic. 

In Sections 9, deterministic data linkages are represented by means of func- 
tions and data linkage overriding combination is modelled by means of function 
overriding. 

DLA reminds us of frame algebra [10]: links are like transitions and data 
linkage combination is like frame union. However, there is no counterpart for 
data linkage overriding combination in frame algebra. 

3 Data Linkage Dynamics 

DLD (Data Linkage Dynamics) is a simple model of computation that bears 
on the use of dynamic data structures in programming. It comprises states, 
basic actions, and the state changes and replies that result from performing the 
basic actions. The states of DLD are data linkages. In this section, we give an 
informal explanation of DLD. In Section 4, we will define the state changes and 
replies that result from performing the basic actions of DLD by means of a term 
rewriting system with rule priorities. For expository reasons, actions related to 
reclaiming garbage are treated separately in Section 5. 

Like in DLA, it is assumed that a fixed but arbitrary finite set Spot of spots, 
a fixed but arbitrary finite set Field of fields, and a fixed but arbitrary finite 
set AtObj of atomic objects have been given. Unlike in DLA, it is assumed 
that a fixed but arbitrary finite meadow [14,15,11] has been given and that 
Value consists of the elements of that meadow. It is also assumed that a fixed 
but arbitrary choice function ch : ('P(AtObj) \ 0) — ► AtObj such that, for all 
A G "P(AtObj) \ 0, ch(A) G A has been given. The prime examples of finite 
meadows are finite fields with zero-totalized division. The function ch is used 
whenever a fresh atomic object must be obtained. 

Below, wc will first explain the features of DLD to structure data dynamically 
and then the features of DLD to deal with values found in dynamically structured 
data. 

When speaking informally about a state L of DLD, we say: 

— if there exists a unique atomic object a for which -^>a is contained in L, 
the content of spot s instead of the unique atomic object a for which A a is 
contained in L; 

— the fields of atomic object a instead of the set of all fields / such that cither 

f f 
a — > is contained in L or there exists an atomic object b such that a — > b is 

contained in L; 

f 

— if there exists a unique atomic object b for which a -A b is contained in L, 
the content of field f of atomic object a instead of the unique atomic object 
b for which a b is contained in L. 
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In the case where the uniqueness condition is met, the spot or held concerned is 
called locally deterministic. 

By means of actions, fresh atomic objects can be obtained, fields can be 
added to and removed from atomic objects, and the contents of fields of atomic 
objects can be examined and modified. A few actions use a spot to put an atomic 
object in or to get an atomic object from. The contents of spots can be compared 
and modified as well. 

DLD has the following non-value-related basic actions: 

— for each s G Spot, a get fresh atomic object action s !; 

— for each s,t E Spot, a set spot action s = t; 

— for each s G Spot, a clear spot action s = *; 

— for each s,t £ Spot, an equality test action s == t\ 

— for each s G Spot, an undefinedness test action s == *; 

— for each s G Spot and / G Field, a add field action s/f; 

— for each s G Spot and / G Field, a remove field action s\f; 

— for each s G Spot and / G Field, a has field action s\f; 

— for each s,t G Spot and / G Field, a set field action s.f = t; 

— for each s G Spot and / G Field, a clear field action s. f = *; 

— for each s,t G Spot and / G Field, a get field action s = t.f. 

If only locally deterministic spots and fields are involved, these non-value- 
related basic actions of DLD can be explained as follows: 

— s!: if a fresh atomic object can be allocated, then the content of spot s 
becomes that fresh atomic object and the reply is T; otherwise, nothing 
changes and the reply is F; 

— s = t: the content of spot s becomes the same as the content of spot t and 
the reply is T; 

— s = *: the content of spot s becomes undefined and the reply is T; 

— s == t: if the content of spot s equals the content of spot t, then nothing 
changes and the reply is T; otherwise, nothing changes and the reply is F; 

— s == *: if the content of spot s is undefined, then nothing changes and the 
reply is T; otherwise, nothing changes and the reply is F; 

— s/f: if the content of spot s is an atomic object and / does not yet belong 
to the fields of that atomic object, then / is added (with undefined content) 
to the fields of that atomic object and the reply is T; otherwise, nothing 
changes and the reply is F; 

— s\f: if the content of spot s is an atomic object and / belongs to the fields of 
that atomic object, then / is removed from the fields of that atomic object 
and the reply is T; otherwise, nothing changes and the reply is F; 

— s | /: if the content of spot s is an atomic object and / belongs to the fields 
of that atomic object, then nothing changes and the reply is T; otherwise, 
nothing changes and the reply is F; 

— s.f = t: if the content of spot s is an atomic object and / belongs to the 
fields of that atomic object, then the content of that field becomes the same 
as the content of spot t and the reply is T; otherwise, nothing changes and 
the reply is F; 
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— s.f = *: if the content of spot s is an atomic object and / belongs to the 
fields of that atomic object, then the content of that field becomes undefined 
and the reply is T; otherwise, nothing changes and the reply is F; 

— s = t.f: if the content of spot t is an atomic object and / belongs to the 
fields of that atomic object, then the content of spot s becomes the same as 
the content of that field and the reply is T; otherwise, nothing changes and 
the reply is F. 

In the explanation given above, wherever we say that the content of a spot or field 
becomes the same as the content of another spot or field, this is meant to imply 
that the former content becomes undefined if the latter content is undefined. 
If not only locally deterministic spots and fields are involved in performing a 
non-value-related action, there is no state change and the reply is F. 

The choice is made to deal uniformly with all cases in which not only locally 
deterministic spots and fields are involved. However, if a field that is not locally 
deterministic is involved in performing a remove field action or a has field action, 
there are certainly other imaginable ways to deal with it. 

In addition to non- value-related basic actions, DLD has value-related basic 
actions. By means of the value-related basic actions, calculations in a finite 
meadow can be done. 

When speaking informally about a state L of DLD, we also say: 

— atomic object a has a value assigned instead of there exists a unique value 
n for which (a) n is contained in L; 

— if there exists a unique value n for which (a) n is contained in L, the value 
assigned to atomic object a instead of the unique value n for which (a) n is 
contained in L. 

DLD has the following value- related basic actions: 

— for each s G Spot, an assign zero action s <= 0; 

— for each s G Spot, an assign one action s <= 1; 

— for each s,t,u G Spot, an assign sum action s <= t + u; 

— for each s,t,u G Spot, an assign product action s <= t ■ u; 

— for each s,t £ Spot, an assign additive inverse action s <= — t; 

— for each s,te Spot, an assign multiplicative inverse action s <= 1 / 1; 

— for each s,t£ Spot, a value equality test action s =? t; 

— for each s G Spot, a value undefinedness test action s =? *;. 

If only locally deterministic spots are involved, these value-related basic ac- 
tions of DLD can be explained as follows: 

— s <= 0: if the content of spot s is an atomic object, then the value assigned to 
that atomic object becomes and the reply is T; otherwise, nothing changes 
and the reply is F; 

— s <= 1: if the content of spot s is an atomic object, then the value assigned to 
that atomic object becomes 1 and the reply is T; otherwise, nothing changes 
and the reply is F; 
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— s <= t + u: if the content of spot s is an atomic object and the contents of 
spots t and u are atomic objects that have values assigned, then the value 
assigned to the content of spot s becomes the sum of the values assigned to 
the contents of spots t and u and the reply is T; otherwise, nothing changes 
and the reply is F; 

— s <= t ■ u: if the content of spot s is an atomic object and the contents of 
spots t and u are atomic objects that have values assigned, then the value 
assigned to the content of spot s becomes the product of the values assigned 
to the contents of spots t and u and the reply is T; otherwise, nothing changes 
and the reply is F; 

— s <— — t: if the content of spot s is an atomic object and the content of spot 
t is an atomic object that has a value assigned, then the value assigned to 
the content of spot s becomes the additive inverse of the value assigned to 
the content of spots t and the reply is T; otherwise, nothing changes and the 
reply is F; 

— s <= 1 / t: if the content of spot s is an atomic object and the content of spot 
t is an atomic object that has a value assigned, then the value assigned to 
the content of spot s becomes the multiplicative inverse of the value assigned 
to the content of spots t and the reply is T; otherwise, nothing changes and 
the reply is F; 

— s =? t: if the contents of spots s and t are atomic objects that have values 
assigned and the value assigned to the content of spot s equals the value 
assigned to the content of spot t, then nothing changes and the reply is T; 
otherwise, nothing changes and the reply is F; 

— s =? *: if the content of spot s is an atomic object that has no value assigned, 
then nothing changes and the reply is T; otherwise, nothing changes and the 
reply is F. 

If not only locally deterministic spots are involved in performing a value-related 
action, there is no state change and the reply is F. 

Notice that copying, subtraction, and division can be done with the value- 
related basic actions available in DLD. If the content of spot s is an atomic object 
and the content of spot t is an atomic object that has a value assigned, then 
that value can be assigned to the content of spot s by first performing s <= 
and then performing s <= s + t. If the content of spot s is an atomic object 
and the contents of spots t and u are atomic objects that have values assigned, 
then the difference of those values can be assigned to the contents of spot s 
by first performing u <— — u, next performing s <= t + u and then performing 
u <= — u once again. Division can be done like subtraction. 

We write ^4dld for the set of all non-value-related and value-related basic 
actions of DLD. 

In DLD, finite meadows are taken as the basis for the features to deal with 
values. This allows for calculations in finite fields. The approach followed is 
generic: take the algebras that are the models of some set of cquational axioms 
and introduce value-related basic actions for the operations of those algebras. 
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4 Priority Rewrite System for Data Linkage Dynamics 



In this section, we describe the state changes and replies that result from per- 
forming the basic actions of DLD by means of a priority rewrite system [1]. For 
that purpose, we introduce for each basic action a of DLD, the unary effect 
operator eff a and the unary yield operator yld a . The intuition is that these 
operators stand for operations that give, for each state L, the state and reply, 
respectively, that result from performing basic action a in state L. 

Before we actually describe the state changes and replies that result from 
performing the basic actions of DLD by means of a priority rewrite system, we 
shortly review priority rewrite systems. 

A priority rewrite system is pair (72, <), where 72 is a term rewriting system 
and < is a partial order on the set of rewrite rules of 72. 

Let a priority rewrite system (72, <) be given. Let r be a rewrite rule of 72. 
Then an r-rewrite is a closed instance of r. Let R be a set of closed instances of 
rewrite rules of 72. Then an R-reduction is a reduction of 72 that belongs to the 
closure of R under closed contexts, transitivity and reflexivity. 

Let (72, <) be a priority rewrite system. Assume that there exists a unique 
set R of closed instances of rewrite rules of 72 such that an r-rewrite t — > s E R 
if there does not exist an i?-reduction t — » t' that leaves the head symbol of t 
unaffected and an r'-rewrite t' — > s' E R with r < r' . Then (72, <) determines 
a one-step reduction relation as follows: — > is the closure of R under closed 
contexts. Moreover, let E be a set of equations between terms over the signature 
of 72. Then (72, <) determines a one-step reduction relation modulo E as follows: 
t —* E s if and only if t' — ► s' for some t' and s' such that t = t' and s — s' are 
derivable from E (where — ► denotes the one-step reduction relation determined 
by (72, <)). If a unique R as described above exists, (72, <) is called well-defined. 
If a priority rewrite system is not well-defined, then it does not determine a 
one-step reduction relation. The priority rewrite system for DLD given below is 
well-defined. This is easily shown by means of Theorem 3.11 from [1]. 

The priority rewrite system for DLD given below is actually a many-sorted 
priority rewrite system. In addition to the sort DL of data linkages, it has the 
sort R of replies. Terms of sort R are built using the reply constants T : R and 
F : R and the yield operators yld a : DL — > R for a E ^dld- The definitions and 
results concerning term rewriting systems extend easily to the many-sorted case, 
see e.g. [12], and likewise for priority rewrite systems. 

Equations can serve as rewrite rules. Taken as rewrite rules, equations are 
only used in the direction from left to right. In the priority rewrite system for 
DLD given below, equations that serve as axioms of DLA are taken as rewrite 
rules. 

Henceforth, all rewrite rules will be written as equations. Moreover, the no- 
tation 

[m] ri 
[n k ] r k 
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will be used in a table of rewrite rules to indicate that each of the rewrite rules 
ri, . . . , rk is incomparable with each of the other rewrite rules in the table and, 
for !,je{l,..., k}, ri < rj if and only if m > nj. 

In the priority rewrite system for DLD given below, the function atobj is used 
to restrict the basic terms over DLA for which L stands. This function gives, 
for each basic term L over DLA, the set of atomic objects occurring in L. It is 
defined as follows: 

atobj(^a) = {a} , atobj ((a) n ) = {a} , 

atobj (a ±) = {a} , atobj {([))= ® , 

atobj (a -A b) = {a, b} , atobj (L ffi V) = atobj (L) U atobj (L') . 

The priority rewrite system for DLD consists of the axioms of DLA, with the 
exception of the associativity, commutativity and identity axioms for ffi, taken 
as rewrite rules and the rewrite rules for the effect and yield operators given in 
Table 2. In this table, L stands for an arbitrary basic term over DLA, s, t and 
u stand for arbitrary spots from Spot, / stands for an arbitrary field from Field, 
a, b and c stand for arbitrary atomic objects from AtObj, and n and m stand for 
arbitrary values from Value. Each of the rewrite rules in Table 2 is incomparable 
with each of the axioms of DLA that are taken as rewrite rules. Moreover, taken 
as rewrite rules, the axioms of DLA are mutually incomparable. 

Henceforth, we will write ACl for the set of equations that consists of the 
associativity, commutativity and identity axioms for ffi. 2 The one-step reduction 
relation of interest for DLD is the one-step reduction relation modulo ACl de- 
termined by the priority rewrite system for DLD. We write ^> A ci for the closure 
of this reduction relation under transitivity and reflexivity. 

What is stated before at the end of Section 3 about copying and subtraction 
with the value-related basic actions of DLD is substantiated by the priority 
rewrite system for DLD. Let L = M ® (A a) ffi (-^6) © (*>)„ be a closed DLA 
term. Then there exists a basic term N over DLA such that 

eff s< = s+t (eff s< =o(L)) ^> AC1 N , 
L ffi' {a) n ^> AC1 N . 

In other words, by first performing s <= and then performing s <= s + t, the 
value assigned to the content of spot s becomes the same as the value assigned 
to the content of spot t. Let V = M' © (A a) © (A b) ffi (&)„ ffi (A c) ffi (c) m be 
a closed DLA term. Then there exists a basic term N 1 over DLA such that 

-u( e ffs<=t+u 

L' ffi' (a)„_ m ^ AC1 N' . 

In other words, by first performing u <= — u, next performing s <= t + u and 
then performing u <~ — u once again, the value assigned to the content of spot 
s becomes the difference of the values assigned to the contents of spots t and u. 

2 The mnemonic name ACl for the associativity, commutativity and identity axioms 
for some operator is taken from [21]. 
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Table 2. Rewrite rules for effect and yield operators 



[1] eff a , (X ffi ( A a) ffi (A b))=Xe (A a) ffi (A 6) 

[2] eff s ,{L) = Lffi' (A a) where a = c/i(AtObj \ atobj(L)) 

[2] ejf s ,(L) =L 

III e ^ i (Xe(Aa)ffi(A6))=Xffi(Aa)ffi(A6) 

[1] e# s=t (X (A a) ffi (A 6)) = X ffi (A a) ffi (A 6) 

[2] e ^ i( Xffi(Aa)) = (Xffi(Aa))ffi'(Aa) 

[3] e# s=t (Xffi(Aa))=X 

[4] e# s=t (X)=X 

[1] e# s= , (X ffi (A a) ffi (A b)) = X ffi (A a) ffi (A b) 

[2] C(le(4«))=I 

[3] e#U(X)=X 

[1] eff s==t (X)=X 

[1] eff. == .(X)=X 

[1] e# s// (X ffi (A a) ffi (A b)) = X ffi (A a) ffi (A 6) 

[2] eff s/f (X ffi (A a) ffi (a A 6)) = X ffi (A a) ffi (a A &) 

[2] eff s/f (X ffi (A a) ffi (a A)) = X ffi (A a) ffi (a A) 

[3] e # s// (Xffi(Aa)) = (Xffi(Aa))0'(aA) 

[4] eff s/f (X) = X 

[1] e# sU (X ffi (A a) ffi (A b)) = X ffi (A a) ffi (A 6) 

[1] eff Af (X ffi (A a) ffi (a A 6) ffi (a A c)) = X ffi (A a) ffi (a A 6) ffi (a A c 

[1] c# iN/ (Jf ffi (A a) ffi (a A 6) ffi (a A)) = X ffi (A a) ffi (a A fe) ffi (a A) 

[2] ej 0F sX/ (Xffi(Aa)ffi(aA6)) = Xffi(Aa) 

[2] ej 6 F sU (Xffi(Aa)ffi(aA))=Xffi(Aa) 

[3] e# sU (X)=X 

[1] e j e f s | / (X)=X 

[1] eff aJ=t (X(B 

[1] e# s . /=t (Xffi 

[1] eff s . f=t (X® 

[1] e # s . /=t (Xffi 

[2] ejf.. /=t (X® 

[2] eff.. f=t (X<& 

[3] ejf.. /=t (X® 

[4] eff sJ=t (X) = 

[1] eff.. f= .{X(B 

[1] eff,. f= ,(X® 

[1] ^ s . /= ,(Xffi 

[2] e# s . /= *(Xffi 

[3] eff, mf= ,(X)=X 



if a / ft 
if atobj(L) C AtObj 
if atobj(L) = AtObj 
if a / ft 
if a / ft 



if a / ft 



if a / ft 



if a / 6 
if ft^c 



X 



A 6)) = Xffi(A a )ffi(Aft) ifa/fo 
a A 6) ffi (a A c)) = X ffi ( A a) ffi (a A b) ffi (a X c ) if b ± c 
a X b) ffi (a A)) = X ffi (A a) ffi (a A 6) ffi (a A) 
Aft)) =Xffi(Aa)ffi(Aft) if a/ b 

a A 6) ffi (A c )) = X ffi (A a) ffi (a A c) ffi (A c ) 
a A) ffi (A fe)) = X ffi (A a) ffi (a -4 6) ffi (A b) 
a A 6)) =Xffi(A a )ffi(a^>) 

Aft)) =Xffi(A a )ffi(Aft) ifa/ft 
a A 6) ffi (a A c)) = X ffi ( A a) ffi (a A 6) ffi (a A c) if 6 / c 
a A 6) ffi (a A)) = X ffi (A a) ffi (a -A 6) ffi (a X) 
a A 6)) =Xffi(A a )ffi(ai) 
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Table 2. (Continued) 



ill 


pff ( Y ffi 


JA ) 


ffi f A h)) — X ffi C A n ) ffi C A M 


if a / 6 


n 1 


eft (Y CD 


/ i \ 
— * CI J 


( -LihW — Y a*, ( t ^ n\ m ( *>M 
tt> ^ > — tb ^ — > a J f±) ^ — > OJ 


it a y= u 


ri l 

w 


CP / "V - /T\ 

e ffs = t.f{ X ffi 


c * \ 
v — * a J 


ffi (a — > b) ffi (a — * c)) = A © (— » a) ffi (a — * b) ffi (a — » c) 


IT o 7^ c 


[1] 


e# s=t/ (Xffl 


v — > a) 


ffi (a A b) ffi (a A)) = X ffi (A a) ffi (a A b) ffi (a A) 




[2] 


e#. =t . / (X® 


v — > a) 


ffi (a A &)) = (X ffi (A a) ffi (a -4 6)) ffi' (A 6) 




[2] 


eff, =t . f (X® 


/ i n 
v — * a ) 


9(ai)ffi(Ac)) =Xe(ifl)ffi(di) 




[3] 


eff^X) = 


X 






[1] 




{ 3 \ 

K — * a) 


e(Aj)) = Xffi(Aa)e(A fl ) 


if a/ 6 


[1] 


cjgf. <=0 (x® 


/" S \ 

v - * a ) 


ffi (a)„ ffi (a) m ) = X ffi (A a) ffi (a)„ ffi (a) m 


if n / m 


[2] 


e # s<=0 (Xffi 




= (Xffi(A a ))ffi' (o) 




[3] 


e#. <=0 (X) = 








[1] 


€<.i(^e 


;a 8 ) 


e(^i))=ie(A n ) ffi (Aa) 


if a/ 6 


[1] 


e# s<=1 (Xffi 


/" S \ 

v - * a ) 


ffi (a)„ ffi (a) m ) = X ffi (A a) ffi (a) n ffi (a) m 


if n / m 


[2] 


e# s<=1 (Xffi 


/• S \> 


= (xe(Ao))e' (o)i 




[3] 


4<=iW = 


X 







[1] <C <=i+11 (Xffi(A a )ffi(A 6 ))=Xffi(Aa)ffi(Ab) if a # b 

[1] ejf s<=t+u (Xffi(Aa)ffi(a)„ffi(a) m ) = X ffi ( A a) ffi (a) n ffi (a) m if n ± m 

[1] e# s<=t+u (Xffi(Aa)ffi(A6))=Xffi(Aa)ffi(A6) if a/ 6 

[1] ejf s<=t+u (Xffi(Aa)ffi(a) n ffi(a) m ) = X ffi ( A a) ffi (a)„ ffi (a) m if n ^ m 

[1] e# s<=t+u (Xffi(A a )ffi(A6))=Xffi(Aa)ffi(A6) if a + b 

[!] ejf s<=t+u (Xffi(Aa)ffi(a)„ffi(a) m ) =Xffi(Aa)ffi(a)„ffi(a) m if n / m 

[2] e# s<=t+u (X ffi (A a) ffi (A 6) ffi (6)„ ffi (A c ) ffi ( c ) m ) = 

(X ffi (A a ) ffi (A 6) ffi (6) n ffi (A c ) © ( c ) m ) ffi' (a) n+m 

[3] ej f/ s<=t+u (X) = X 

[1] e# s<=t . ll (Xffi(Aa)ffi(A, J ))=Xffi(Aa)ffi(A&) if a + b 

[1] eff s<=t . u (X ffi (A a) ffi (o)„ ffi (a) m ) = X ffi (A a) ffi (o)„ ffi (a) m if n / m 

[1] e# s<=i .JXffi(Aa)ffi(Ab)) = Xffi(A a )ffi(A&) if a ^ 6 

[1] eff 3< = t . u (X ffi (io) ffi (o)„ ffi (a) m ) = X ffi (io) ffi (o)„ ffi (a) m if n / m 

[1] e ^ <=t . ii (Xffi(Aa)ffi(A6))=Xffi(Aa)ffi(A6) if a ^ 6 

[!] eif s<=t . 1I (Xffi(A a )ffi(a) n ffi(a) m ) =Xffi(A a )ffi(a) n ffi(a) m if n ± m 

[2] eff, <=t . u (X ffi (A a) ffi (A b) ffi (6)„ ffi (Ac) ffi (c) m ) = 

(X ffi (A a) ffi (A 6) ffi (&)„ ffi (Ac) ffi (c) m ) ffi' (o)„. m 

[3] ej f/ s<=t . u (X)=X 

[1] e# s<= _ t (Xffi(A a )ffi(A6)) =Xffi(A a )ffi(A6) if a ^ 6 

[1] e# s< _ t (Xffi(A a )ffi(a) ffi (a)m) = X ffi (A a) ffi (a) n ffi (a) m if n m 

[1] e j g r s<= _ t (Xffi(A a )ffi(Ab)) =Xffi(A a )ffi(Ab) \f a ^ b 

[1] eif s<= _ t (Xffi(A a )ffi(a) n ffi(a) m ) = Xffi(A a )ffi(a)„ffi(a) m if n m 

[2] e# s<= _ t (X ffi (A a) ffi (A 6) ffi (b) n ) = (X ffi (A a) ffi (A 6) ffi (&)„) ffi' ( a )_ n 

[3] eff s<= _ t (X)=X 
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Table 2. (Continued) 



[1] 


effs< 




)(A a )( 


8 (Aft)) =lg 


)(A a )®(A&) 


if a 7= 6 


[1] 


effs< 


-i/t(xa 


3 (A a) 


B (a)„ © (a) m ) 


= X ffi (A a) ffi (a)„ ffi (a) m 


if n 7= m 


[1] 


effs< 




3 (A a) 


B(A&)) = Xg 


3(Aa)ffi(Afe) 


if a 7= b 


[1] 


effs< 


=i/t(XQ 


3 (A a) 


33 (a) n © (a)m) 


= X ffi (A a) ffi (a) n ffi (a) m 


if ra 7= m 


[2] 


e ffs< 


=i/t(XQ 


3 (A a) 


B(A6) ©(&)„) 


= (Xffi(Aa)ffi(Ab)® (&)„; 


©' (a)n-i 


[3] 


e ffs< 


=i/t(X) 


= X 











eff s=n (X)=X 








llj 


eff s=? *(X)=X 








llj 


2 /M s! (Xffi(Aa)ffi( 


A6)) = F 




if a 7= & 


[2] 


yld sl (L)=T 






it atooj(L) C AtObj 


[2] 


yld s! (L) = F 






\£ _j.„i,'/r\ aj.au; 
it atooj(L) = AtUbj 


ri i 
[ij 


»w i=t (A-e(Ao)e 


(A6)) = F 




IT a 7= 


[1] 


!/M s=( (Iffi(Aa)ffi 


(A 6 )) = F 




it & 


[2] 


V/d. =t (A-) = T 








h 1 


yld s=t ,(X® (A a)© 


(A6)) = F 




IT CI ^ 


[2] 


V/d. = ,(A-)=T 








llj 


2/W s==t (X® (Aa)( 


B(A6)) = F 




if a / 6 


[1] 


2/W s==t (X® (Aa)( 


B(A6)) = F 




if a / 6 


[2] 


2//d s==t (X®(Aa)©(Aa))=T 






[3] 


V/d. ==t (Xe(Aa)) 


= F 






[3] 


2/W s==t (X®(Aa)) 


= F 






[4] 


»W. ==t (X)=T 








IiJ 


yW i= ,(X8(Ao)) 


= F 






[2] 


VW. == ,(X)=T 








llj 


yld s/f {X® (A a)® 


(A6)) = F 




if a / 6 


[2] 


yld 3/f (X ffi (A a) ffi 


(a A &)) = F 






[2] 


yld s/f (X ffi (A a) ffi 


(aA)) = F 






[3] 


yld 3/f (X® (A a)) = 


= T 






[4] 


V/d.^PO = F 








llj 


yld sXf (X ffi (A a) ffi 


(A6)) = F 




if a b 


[1] 


yld Af (X ffi (A a) ffi 


(a A 6) ffi (a 


A C )) = F 


if 7= c 


[1] 


yld Af (X ffi (A a) ffi 


(a A 6) ffi (a 


A)) = F 




[2] 


yld Af (X ffi (A a) ffi 


(a A &)) = T 






[2] 


yld Af (X ffi (A a) ffi 


(aA)) = T 






[3] 


yZd. u (X) = F 








llj 


yld slf (X ffi (A a) ffi 


(A6)) = F 




if a / 6 


[1] 


l/M s|/ (Xffi(Aa)ffi 


(a A 6) ffi (a 


A C )) = F 


if 6 y= c 


[1] 


yld slf (X ffi (A a) ffi 


(a A b) ffi (a 


A)) = F 




[2] 


yld 3lf (X ffi (A a) ffi 


(a A 6)) = T 






[2] 


yld slf (X ffi (A a) ffi 


(aA)) = T 






[3] 


yW.| / (X) = F 
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Table 2. (Continued) 



[1] 


y/d 3 . /=t (X©(A a )ffi 


(Aft)) = F 


if a / 6 


[1] 

L J 


yld, ,-AX e(A a )e 

if S.J— Z\ \ / 


(a A 6) © (a A c )) = F 


if ft / c 


L J 


f ,(X © (A a) © 

if S.J — t \ ~^ \ / 


(a A 6) © (a A)) = F 




[1] 


yld af=t (X ffi (A a) © 


(Aft)) = F 


if a/ 6 


[2] 


yld sf=t (X ffi (A a) ffi 


(a A fe)) = T 




[2] 


yld af=t (X ffi (A a) © 


(aA)) = T 




[3] 


yld sJ=t (X) = F 






[1] 


2 /W s . /= ,(Xffi(Aa)ffi 


(Aft)) = F 


if a + ft 


L J 


«ZcL f »(X (A a) ffi 


(a A 6) ffi (a A c)) = F 


if ft / c 


fll 


y 3 f — * v ^ v / 


fa A 61 ffi fa AD - F 




[91 




(n — T 




roi 


yld s f= »(X ffi (— >a) ffi 


(a->)) = T 




roi 

Hi 


yids.f=*( x ) = F 






r 1 1 

w 


yld a = t f {X ffi (^ a) ffi 


(->&)) = F 


it a ft 


[!] 


yld s=t j(X ffi (->a) ffi 


(A 6)) = F 


if a / 6 


[1] 




(a A ft) ffi (a A c )) = F 


if ft / c 


[1] 


yld 3=t f (X ffi (A a) ffi 


(a Aft) ffi (a A)) = F 




[2] 


yld s=t f (X ffi (A a ) ffi 


(a A ft)) = T 




[2] 


yld 3=t f (X ffi (A a) ffi 


(aA)) = T 




[3] 


yld s=t . f (X) = F 






[1] 


yW s<=0 (Xffi(A a )ffi 


(Aft)) = F 


if a/ 6 


[1] 


y/rf s<=0 (Xffi(Aa)ffi 


(a) n ffi (a) m ) = F 


if n m 


[2] 


j/W s<=0 (Xffi(A a )) = 


= T 




[3] 


y/rf s<=0 (X) = F 






[1] 


yld s<=1 (X ffi (A a) ffi 


(Aft)) = F 


if a^ft 


[1] 


yld s<=1 (X ffi (A a) © 


(a)„ ffi (a) m ) = F 


if n / m 


[2] 


yW. <=1 (Xe(Ao)) = 


= T 




[3] 


yid s<=1 (X) = F 






[1] 


^d s<=t+u (Xffi(A a ) 


ffi (Aft)) = F 


if a / ft 


[1] 


^ s <= t +J*©( A a) 


ffi (a) n ffi (a) m ) = F 


if n / m 


[1] 


^d s<=t+u (Xffi(A a ) 


ffi (Aft)) = F 


if a / ft 


[1] 


y/rf s<=t+ JXffi(Aa) 


ffi (a)n ffi (a) m ) = F 


if n / m 


[1] 


»W i<=t+u (X©(Ao) 


ffi (Aft)) = F 


if a / ft 


[1] 


»w i<=t+u (xe(Ao) 


ffi (a) n ffi (a) m ) = F 


if n / m 


[2] 


^ s<=t+u (Xffi(A a ) 


ffi (Aft) © (&)„ ffi (Ac) g 


3 (c) m ) = T 


[3] 


»«.<=«+« W = F 
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Table 2. (Continued) 



[1] 


yld 3<=t . u (X ffi (A a) 


ffi (A 6)) = F 




if a ^ b 




yld s<=t . u (X ©(A a) 


ffi (o)„ ffi (o) m ) 


= F 


if n =fc m 




yld s<=t . u (X ® (±> a) 


ffi (—••6)) = F 




if a / 6 


[i] 


yld 3<=t . u (X (B (A a) 


ffi (o)„ ffi (a) m ) 


= F 


if n 7^ rn 


[i] 


yid s<=t . u ( x © 


© = F 




if a / & 


W 


yM s<=t .„(.x"® (Aa) 


ffi (a)„ ffi (o) m ) 


= F 


if n / m 


[2] 


yld g< ^ t , u (X ffi (A a) 


ffi (->&) ffi (6) n 


33 (— » c) ffi (c) m ) 


= T 




y ld s<=t-u{ x ) = F 








r-i i 


yld s<= _ t (X ffi (A a) 


(—►&)) = F 




it a b 


ri l 

w 


yid s< =- t ( x © 


ffi (o)„ ffi (a)m) 


r— 

= h 


\f n ^ m 


[!] 


yld s<= _ t (X ffi (A a) 


ffi (-^ b )) = F 




if a ^ & 


[1] 


2/M s<= _ t (Xffi(Aa) 


ffi (o)„ ffi (a) m ) 


= F 


if n ^ ra 


[2] 


2//fl! s<= _ t (Xffi(Aa) 


ffi (A 6) ffi (&)„) 


= T 




[3] 


yld s<= _ t (X) = F 








r-i i 
[!] 


y ld s<=i/t( x © (^a) 


/-r\ / s L\\ I - 

ffi ( — *<>)) = F 




it a » 




y ld s<=i/t( x © (^> a ) 


.1-. / \ -Tv / \ \ 

ffi (a)n ffi (o)m) 


= F 


if n ^ m 


[i] 


y ld s<=i/t( x ffi 


© (^* & )) = F 




if a / 6 


[i] 


y ld s<=i/t( x © 


ffi (o)„ ffi (o) m ) 


= F 


if n 7^ m 


[2] 


y ld s<=i/t( x © 


ffi (A 6) ffi (&)„) 


= T 




[3] 


</Zd s<=1/t (X) = F 








[1] 


2/Zd s=?t (Xffi (Aa)ffi 


(A&)) = F 




if a / 6 


[1] 


yld s=?t (X ffi a) ffi 


(o) n ffi (a)m) = 


F 


if n / m 


[1] 


«//aU ?t (Xffi(A a )ffi 


(A&)) = F 




if a / 6 


[1] 


2//flU ?t (Xffi(A a )ffi 


(o)„ ffi (a) m ) = 


F 


if n / m 


[2] 


2//aU ?t (Xffi(A a )ffi 


(o)„ ffi (A 6) ffi 


(&)„) = T 




[3] 


wW. =7t (A-) = F 








[1] 


yld s=7t (X 


(A&)) = F 




if a / 6 


[2] 


i/i(i rf ,(xe(^fl)j 


(a)„) = F 






[3] 


»w, =7 ,(xe(Ao)) 


= T 






[4] 


»W S=7 .(X) = F 









The priority rewrite system for DLD is used in Section 8 in examples con- 
cerning computations in which the basic actions of DLD are involved. 

Below, we state some properties of the priority rewrite system for DLD. For 
the purpose of stating the properties in question rigorously, we introduce the set 
£ of effect terms and the set y of yield terms. They are inductively defined by 
the following rules: 

- e £; 

- if s E Spot and a e AtObj, then A a 6 £; 

- if a g AtObj and / g Field, then a A g £ ; 
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- if a, b e AtObj and / e Field, then a J ->be£; 

- if a G AtObj and n G Value, then (ct)„ G £; 

- if £>!, D 2 G £, then L>i © L> 2 G £; 

- if £>i, £> 2 G f , then D x ffi' D 2 G £; 

- if a G ,4dld and D £ £, then eff a (D) G £; 

- if a G ,4dld and D e£, then yld a (D) G ^. 

Clearly, 2? is a proper subset of £. We can prove that effect terms have normal 
forms that are basic terms over DLA. 

Theorem 2 (Normal forms). The priority rewrite system for DLD has the 

following properties concerning normal forms with respect to reduction modulo 
AC1: 

1. all elements of £ have unique normal forms modulo AC1; 

2. the normal forms of the elements of £ are basic terms over DLA; 

3. all elements of y have unique normal forms; 

4- the normal forms of the elements of y are T and F. 

Proof. Properties 1 and 3 are proved combined by showing that all closed DLD 
terms are weakly confluent modulo AC1 and strongly normalizing modulo AC1. 

In the proof of the weak confluence modulo AC1 of all closed DLD terms, 
we use the one-step equality relation H. This relation is defined as the closure 
of the set of all closed instances of the equations in AC1 under symmetry and 
closed contexts. The following holds for the ordering < on the rewrite rules of 
DLD: 

- r' < r if and only if the left hand side of r is a substitution instance of the 
left hand side of r' ; 

- for all critical pairs of rewrites (t — ► s,t' — > s') that arise from overlap 
modulo AC1 of a rewrite rule on an incomparable rewrite rule, s and s' have 
a common reduct; 

- for all critical pairs of rewrites (t — > s,t' H s') that arise from overlap 
modulo AC1 of a rewrite rule on an equation from AC1, there exists a one- 
step reduction s' -^ AC i s" that consists of the contraction of a redex modulo 
AC1 such that s and s" have a common reduct; 

- overlaps between comparable rewrite rules are overlaps at the outermost 
occurrence only. 

From this, the weak confluence modulo AC1 of all closed DLD terms follows 
straightforwardly following the same line of reasoning as in the proof of Theo- 
rem 4.8 from [1] and using Theorem 16 from [20]. 

In the proof of the strong normalization modulo AC1 of all closed DLD 
terms, we write AC for the set of equations that consists of the associativity 
and commutativity axioms for ©. Moreover, we write and ^^ci f° r the 

one-step reduction relations modulo AC and AC1, respectively, determined by 
the underlying term rewriting system of the priority rewrite system for DLD. 
First, it is proved that all closed DLD terms are strongly normalizing modulo 
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AC in the underlying term rewriting system of the priority rewrite system for 
DLD. This is easily proved by means of the reduction ordering induced by the 
integer polynomials <f>(D) associated with DLD terms D as follows: 

</>(X) = X , 

0(Aa)=3, m = 2, 

4>(a-I*)=3, 4>(Di®D a )=^(D 1 ) + ^(D a ) + l, 

#a^6) = 3, <t>(Di®'D 2 ) = 0(d) ■4>{D 2 ), 

0((a)„)=3, 4>(eff a (D)) = 4-<p(D), 

0(T)=3, <t>(yld a (D)) = 4- 4>(D), 

0(F) = 3 , 

where it is assumed that, for each variable X over data linkages, there is a 
variable X_ over integers. Next, it is proved by means of a function on closed 
DLD terms that all closed DLD terms are strongly normalizing modulo AC1 in 
the underlying term rewriting system of the priority rewrite system for DLD. 
The function 0, which transforms closed DLD terms to ones whose one-step 
reductions modulo AC1 do not depend on the identity axiom for ©, is defined 
by 9(D) =0 1 (0 (£>)), where 

o (Ao) = Aa, 6> o (0©£>) = 6 (D) , 

e (a±)=a±, 0«(Dffi0) = 9 (D) , 

8 (a X 6) = a -A b , °»(Di © D 2 ) = 6>o(d) © 9 (D 2 ) if d ^ A D 2 £ , 

0o((a)„) = (a)„ , ' 0o(d©'d)=0o(d)ffi'0o(d), 

O (0)=0, o (eff a (D)) = eff a (0o(D)) , 

0o(T)=T, o (yld a (D)) = yld a (e (D)) , 



and 



0o(F) = F 



?i(Aa) = Ao , 6>i ( 



ft(ai)=ai, ^! (d © d) = 6>i (d) ® 6 1 (D 2 ) , 

9l{a 1> b) = a X b , 0i(Di®' Eh) = (0® 0i(d)) ©' 0i(d) , 
0i((a)„) = (a)„ , h{eff a {D)) = eff a (<b®6,(D)) , 

0i(T) = T , Oi(yld a (D)) = yld a {%®6 1 (D)) , 

0i(F) = F . 

It is easy to see that f -»^ C1 s only if 0(f) — 0(s). From this it follows that, 
for each reduction sequence with respect to -^' AC1 , the sequence obtained by 
replacing each term f in the reduction sequence by 0(f) is a reduction sequence 
with respect to -^^ c . Now assume that not all closed DLD terms are strongly 
normalizing modulo AC1 in the underlying term rewriting system of the priority 
rewrite system for DLD. Then there exists an infinite reduction sequence with 
respect to ->^ C1 . Consequently, there exists an infinite reduction sequence with 
respect to — as well. In other words, not all closed DLD terms are strongly 
normalizing modulo AC in the underlying term rewriting system of the priority 
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rewrite system for DLD. However, the contrary was proved above. Hence, all 
closed DLD terms are strongly normalizing modulo AC1 in the underlying term 
rewriting system of the priority rewrite system for DLD. From this, it follows 
immediately that all closed DLD terms are strongly normalizing modulo AC1 in 
the priority rewrite system for DLD. 

Properties 2 and 4 are easily proved combined by structural induction. □ 

In Table 2, L stands for an arbitrary basic term over DLA. This means that 
each rewrite rule schema in which L occurs represents an infinite number of 
rewrite rules. We have a corollary of Theorem 2 which is relevant to this point 
because, modulo AC1, the number of normal forms of the priority rewrite system 
for DLD is finite. 

Corollary 1 (Equivalent priority rewrite system). The priority rewrite 
system obtained from the priority rewrite system for DLD by restricting the basic 
terms over DLA that L stands for to the normal forms with respect to reduction 
modulo AC1 determines the same one-step reduction relation modulo AC1 as the 
priority rewrite system o/DLD. 

Let a priority rewrite system (1Z, <) be given. Let r be rewrite rule from 1Z, 
and let t — > s be an r-rewrite. Then r is enabled for t if t — ► s belongs to the 
one-step reduction relation determined by (R, <). 

Proposition 1 (Enabled rewrite rules). Let r be a rewrite rule from the 
priority rewrite system for DLD 7 and let D be a closed r-redex. Then 

1. if D ^ eff a (D') and D ^ yld a (D') for all a G ^dld and D' G S, then r is 
enabled for D; 

2. if D = eff a (D') or D = yld a (D') for some a 6 ^4dld and D' G £, then r is 
enabled for D if and only if D is not a closed r 1 -redex for some rewrite rule 
r' with r < r' . 

Proof. This follows immediately from the definition of the one-step reduction 
relation determined by a priority rewrite system and the priority rewrite system 
for DLD. □ 

We have an interesting corollary of Theorem 2, Corollary 1, and Proposi- 
tion 1. 

Corollary 2 (Decidability of reduction relation). The one-step reduction 
relation modulo AC1 determined by the priority rewrite system for DLD is de- 
cidable. 

5 Reclaiming Garbage in Data Linkage Dynamics 

Atomic objects that are not reachable via spots and fields can be reclaimed. 
Reclamation of unreachable atomic objects is relevant because the set AtObj 
of atomic objects is finite. There are various ways to achieve reclamation of 
unreachable atomic objects. In this section, we introduce some of them. 
Data linkage dynamics has the following reclamation-related actions: 
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— for each s G Spot, a get fresh atomic object action with safe disposal s\\; 

— for each s, t G Spot, a set spot action with safe disposal s \= t; 

— for each s G Spot, a clear spot action with safe disposal s \= *; 

— for each s, t G Spot, / G Field, a set field action with safe disposal s.f \= t; 

— for each s G Spot, / G Field, a clear field action with safe disposal s. f \= *; 

— for each s, t G Spot, / G Field, a get /ie/rf action with safe disposal s \= t.f; 

— for each s G Spot, a get fresh atomic object action with unsafe disposal s\\\; 

— for each s,t G Spot, a set spot action with unsafe disposal s \\— t; 

— for each s G Spot, a c/ear spot action with unsafe disposal s \\= *; 

— for each s, t G Spot, / G Field, a set /jeZd action with unsafe disposal s.f \\= t; 

— for each s G Spot, / G Field, a clear field action with unsafe disposal s.f \\= *; 

— for each s, t G Spot, / G Field, a get field action with unsafe disposal s \\= t.f; 

— a restricted garbage collection action rgc; 

— a full garbage collection action fgc. 

If only locally deterministic spots and fields are involved, these reclamation- 
related actions of data linkage dynamics can be explained as follows: 

— s\\: if a fresh atomic object can be allocated, then the content of spot s 
becomes that fresh atomic object, the old content of spot s is reclaimed 
in case it has become an unreachable atomic object, and the reply is T; 
otherwise, nothing changes and the reply is F; 

— s\—t: the content of spot s becomes the same as the content of spot t, 
the old content of spot s is reclaimed in case it has become an unreachable 
atomic object, and the reply is T; 

— s \= *: the content of spot s becomes undefined, the old content of spot s is 
reclaimed in case it has become an unreachable atomic object, and the reply 
is T; 

— s.f \= t: if the content of spot s is an atomic object and / belongs to the 
fields of that atomic object, then the content of that field becomes the same 
as the content of spot t, the old content of the field is reclaimed in case it has 
become an unreachable atomic object, and the reply is T; otherwise, nothing 
changes and the reply is F; 

— s.f \= *: if the content of spot s is an atomic object and / belongs to the 
fields of that atomic object, then the content of that field becomes undefined, 
the old content of the field is reclaimed in case it has become an unreachable 
atomic object, and the reply is T; otherwise, nothing changes and the reply 
is F; 

— s \= t.f: if the content of spot t is an atomic object and / belongs to the 
fields of that atomic object, then the content of spot s becomes the same as 
the content of that field, the old content of spot s is reclaimed in case it has 
become an unreachable atomic object, and the reply is T; otherwise, nothing 
changes and the reply is F; 

— s\\!: if a fresh atomic object can be allocated, then the content of spot 
s becomes that fresh atomic object, the content of everything containing 
the old content of spot s becomes undefined, the old content of spot s is 
reclaimed, and the reply is T; otherwise, nothing changes and the reply is F; 
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— s \\= t: the content of spot s becomes the same as the content of spot t, the 
content of everything containing the old content of spot s becomes undefined, 
the old content of spot s is reclaimed, and the reply is T; 

— s \\= *: the content of spot s becomes undefined, the content of everything 
containing the old content of spot s becomes undefined, the old content of 
spot s is reclaimed, and the reply is T; 

— s.f \\— t: if the content of spot s is an atomic object and / belongs to the 
fields of that atomic object, then the content of that field becomes the same 
as the content of spot t, the content of everything containing the old content 
of the field becomes undefined, the old content of the field is reclaimed, and 
the reply is T; otherwise, nothing changes and the reply is F; 

— s.f \\— *: if the content of spot s is an atomic object and / belongs to the 
fields of that atomic object, then the content of that field becomes undefined, 
the content of everything containing the old content of the field becomes un- 
defined, the old content of the field is reclaimed, and the reply is T; otherwise, 
nothing changes and the reply is F; 

— s \\— t.f: if the content of spot t is an atomic object and / belongs to the 
fields of that atomic object, then the content of spot s becomes the same as 
the content of that field, the content of everything containing the old content 
of spot s becomes undefined, the old content of spot s is reclaimed, and the 
reply is T; otherwise, nothing changes and the reply is F; 

— rgc: all unreachable atomic objects that do not occur in a cycle are reclaimed, 
and the reply is T; 

— fgc: all unreachable atomic objects are reclaimed, and the reply is T. 

If not only locally deterministic spots and fields are involved in performing a 
reclamation-related action, there is no state change and the reply is F. 

The differences between the actions with safe disposal and their counterparts 
without disposal turn out to be insufficiently uniform to allow for the actions 
with safe disposal to be explained by means of a general remark about the 
differences. A similar remark applies to the actions with unsafe disposal. 

Full or restricted garbage collection can be made automatic by treating each 
s ! as if it is fgc or rgc followed by s !. 

Garbage collection originates from programming languages that support the 
use of dynamic data structures. It is not only found in contemporary object- 
oriented programming languages such as C# [18,16], but also in historic pro- 
gramming languages such as LISP [24,25]. In [24], the term reclamation is used 
instead of garbage collection. 

The rewrite rules for full garbage collection and restricted garbage collection 
are given in Tables 3 and 4, respectively The rewrite rules for safe disposal and 
unsafe disposal are given in Table 5. In these tables, s and t stand for arbitrary 
spots from Spot, / and g stand for arbitrary fields from Field, a, b, c and d stand 
for arbitrary atomic objects from AtObj, and n stand for an arbitrary value from 
Value. 

The operators eff fgc and eff rgc are described using the auxiliary operators fgc 
and rgc, respectively. We mention that in fgc(L, L')\ 
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Table 3. Rewrite rules for full garbage collection 



W eff fgc (X)=fgc(®,X) 

[1] yld fgc (X) = T 

[1] / S c(X,(A a )©y)=/ flc (X©(A a ),y) 

[1] fgc(X © ( A a), (a A) © Y) = fgc(X ffi(Aa)ffl (a A), F) 

[i] / 5C (x©(aAft),(ftA)©y) =/ 5C (x©(a A&)©(6A),y) 

[i] /jc(iffi(Afl),( fl i»(,)ey) =Wie(^a)e(aii)),y) 

[1] / ff c(X ® (a -A 6), (6 A c ) © y) = / flc (X ©(ail))©^ c), F) 

[i] / 5 c(x e ( a a ), ( )„ e y) = / ffc (x © ( a a ) © ( a )„, y) 

[1] / ffc (X (a A 6), (6)„ © Y) = fgc(X © (a A ft) © (6)„, y) 

[2] / sc (x,y) = x 



Table 4. Rewrite rules for restricted garbage collection 

W eff rF (X) = rgc{Q,X) 

[1] y/rf rgc (X) = T 

[1] ^(AolffiY) = r 5 c(Xffi(Aa),F) 

[1] r<?c(X © (Aa), (a -4) © Y) = rgc{X © (A a) © (a -4), y) 

[1] n/c(X © (a A 6), (6 A) © Y) = rgc{X © (a A 6) © (6 A), y) 

[1] rpc(X, (ait)® (6 A) © y) = r 5 c(X © (6 A) , (a A ft) © y) 

[1] n?c(X © ( A o), (a 4 6) © y) = r ff c(X © ( A a) © (a A 6), Y) 

[1] n?c(X © (a A ft), (ft A c) © Y) = n?c(X © (a A 6) © (6 A c ), y) 

[1] rgc(X, (a A ft) © (ft A c ) © F) = rgc(X © (ft A c), (a A ft) © y) 

[1] n?c(X © (Aa), (a)„ © F) = r#c(X © (A a) © (a)„, F) 

[1] n/c(X © (a A ft), (ft) n © Y) = rgc(X © (a A ft) © (ft)„, F) 

[1] r ff c(X, (a A ft) © (ft) n © Y) = rgc(X © (&)„, (a A ft) © y) 

[1] n?c(X,0)=X 

[2] r(? C (X,y) = rg C (0,X) 



— L © L' is the data linkage on which full garbage collection is carried out; 

— all atomic objects found in L are already known to be reachable; 

— if all atomic objects found in V are unreachable, then L is the result of full 
garbage collection on L®L'. 

We mention that in rgc(L, L'): 

— L © V is the data linkage on which removal of all links from and value 
associations with atomic objects that have a reference count equal to zero is 
carried out repeatedly until this is no longer possible (the reference count of 
an atomic object is the number of links to that atomic object); 

— all atomic objects found in L are already known to have a reference count 
greater than zero; 
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Table 5. Rewrite rules for safe and unsafe disposal 



[1] eff a V (X ffi (A a)) = d lSPa (0, eff s ,(X ffi ( A a))) 
[2] eff sV {X) = eff sl {X) 

[1] eff sX=t (Xffi(A a )) = <fep o (0,eff s=t (X0(Aa))) 
[2] e# sX=( (X) = eff s=t {X) 

W e# sX= »(X © (A a)) = <fep a (0, e# s= ,(X © (A a))) 
[2] e#. x= ,(X) = Cj 0U.(X) 

[1] e# s . A=t (X © (A a) © (a A &)) = & S p b (0, e# 3 . /=t (X © (A a) © (a A 6))) 
[2] e# s . A=t (X) = eff sJ=t {X) 

[1] e# s . A= *(X © (A a) © (a A &)) = dw P(( (0, eff.. f= ,(X © (A a) © (a A 6))) 
[2] eff aJS= ,(X) = eff a _ f= ,(X) 

[T] eff A=t , f (X © (A a)) = <fop 6 (0, e# s=t . y (X © (A a))) 
[2] eff^fiX) = eff s=tJ (X) 

[1] e# sXV (Xffi(A a )0(A&)) = X0(Aa)0(A&) if a ^ 6 

[2] e# sW (Xffi(Aa)) = & ?a (|,cir a (ef s! (I©(A«)))) 
[3] eff sKV (X) = e# s ,(X) 

]ij e# sXX=( (Xffi(Aa)©(A6)) = Xffi(Aa)©(A6) if a # 6 

[1] e# sXX=t (Xffi(^a)ffi(A6)) = Xffi(Aa)ffi(A6) if a ^ b 

[2] e# sXX=t (Xffi(Aa)) = fe Pa (0,dr a ( e # s=i (Xe(Aa)))) 
[3] e# sXX=t (X) = e# s=t (X) 

[1] e j e r sXW (Xffi(Aa)e(A6)) = X0(Aa)e(A&) if a ^ 6 

[2] eff AX=r (X © (A a)) = disp a {%, clr a (eff t= ,(X © (Aa)))) 
[3] e# aXX= ,pO = e# 3= „(X) 

[1] e # s . AX=t (Xffi(Aa)ffi(A6))=Xffi(A a )ffi(A&) if a ^ 6 

[1] eff s . AX=t (X © ( A a) © (a A b) (a A c )) = 

Xffi(A a )ffi(a is)ffl(aic) if 6 / c 

[1] eff sJ ^ =t (X ffi (A a) ffi (a A 6) ffi (a A)) = 

Xffi(A a )ffi( a ife)ffi(aA) 
[1] e# s . AX=t (X ffi (A a) ffi (A 6)) = X ffi (A a) ffi (A b) if a * b 

[2] eff s . AX=t (Xffi(Aa)©(aA6)) = 

dwp fc (0, dr a (eff sJ=t (X ffi (A a) © (a A 6)))) 
[3] e# s . AX=t (X) = eff sJ=t (X) 

[1] e# s . A \=, (X ffi (A a) ffi (A 6)) = X ffi (A a) ffi (A b) if a ^ 6 

[1] e# s . AX= ,(X ffi (A a) ffi (a A b) ffi (a A c)) = 

Xffi(A a )ffi(a A 6) ffi (a Ac) if 6 + c 

[1] e# s . AX=l (X ffi (A a) ffi (a A 6) ffi (a A)) = 

Xffi(Aa)ffi(aib)ffi(aA) 
[2] e # s . AX= ,(X0(Aa)0(aA6)) = 

dtap fc (0, clr a (eff s J= *(X ffi (A a) ffi (a A 6)))) 
[3] eff s . /xx= ,(X) = eg^(X) 
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Table 5. (Continued) 



[1] eff s ^ =tJ (X ffi ( A a) ffi (A 6)) = X e (A a) ( A b) if a ^ 6 

[1] e# s \\=i./( X © a ) © 6 )) = X © «) © ( fc ) if a ^ fe 

[1] eff 3 ^ =t , f (X ffi ( A a) (a A 6) ffi (a X c)) = 

X ffi (A a) ffi (a A b) ffi (a Ac) if 6 ^ c 

[1] eff s ^ =tJ (X ffi (A a) ffi (a A 6) ffi (a A)) = 

i®(i«)ffi(oii))e((ii) 

[2] eff,^ =tmf (X ffi (A a)) = di S p 6 (0, dr a (eff s=tJ (X ffi (A a)))) 

[3] eff.^.fiX) = eff s=tJ (X) 

[1] yZd, v = 

[1] »W. x=t (X) = dd 3=t (X) 

[1] yW, x= ,(X) = »W, = .(A:) 

[1] yW.. A=t (X) = yU.. f=t (X) 

[1] yld,. f \ = ,(X) = yld,. f=m {X) 

[1] yld tS=t . f (X) = yU^X) 

[1] j,Jd, w (X) = yW. I pO 

[1] y/d. XN=t (X) = dd s=t (X) 

[1] yW, u= ,(A:) = wW, = ,(A:) 

[1] yW,. AN=t (X) = yld.. f=t (X) 

[1] yW,. AN= .(A-) = yld.. f= .(X) 

[1] yld s ^ =t . f (X) = yW, = t./(*) 

[i] fep d (x,(A a )ffiy) = disp d (xe(A a ),y) 

[1] disp d (X ffi (Aa), (a A) ffi y) = disp d (X ffi (Aa) ffi (a A), y) 

[i] fe Pd (Xffi(ai&),(6A)ffiy) = d«sp d (xe(o A 6) e(6 A), y) 

[1] d lS p d (Xffi(A a ),(a Afo)®y) = disp d (Xffi(A a )ffi(a Ab),y) 

[1] fep d (X ffi (a -A 6), (6 A c) ffi y) = d lS p d (X ffi (a A b) ffi (6 A c ), y) 

[1] disp d (X ffi (A a), (o) n ffi y) = disp d (X ffi (A a) ffi (o)„, y) 

[1] fep d (X ffi (a A 6), (&)„ ffi y) = disp d (X ffi (a A b) ffi (&)„, y) 

[2] d iS p d (Xffi(Ad),(a Ad)®y) = disp d (Xffi (Ad) ffi (a id),F) 

[2] fep d (X ffi (a A d), (6 A d) ffi y) = d lS p d (X ffi (a A d) ffi (b A d), y) 

[3] disp d (X, (a A) ffi y) = disp d (X ffi (a A), y) if a ^ d 

[3] disp d (X, (a Aft) ®y) = disp d (X ffi (a Ab),y) ifa/dAb/d 

[3] disp d (X, (o)„ ®y) = disp d (X ffi (a)„,y) if o ^ d 

[4] fe Pd (X,y) =X 

[1] c /r d (Xffi(Ad)) = c/r d (X) 

[1] dr d (Xffi(Aa)) = c/r d (X)ffi(A a ) if a ^ d 

[1] dr d (Xffi(aA)) = c /r d (X)ffi(aA) 

[1] c/r d (Xe(oAd)) = c/r d (X)e(oA) 

[1] clr d (X ffi (a A 6)) = dr d (X) ffi (a A 6) if 6 ^ d 

[1] cZr d (Xffi (o)„) = dr d (X) ffi (o)„ 
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— if all atomic objects found in V have a reference count equal to zero, then 
L is the result of removing all links from and value associations with atomic 
objects that have a reference count equal to zero from L © L'; 

— atomic objects found in L that have a reference count greater than zero in 
L® L' may have a reference count equal to zero in L. 

It is striking that the description of restricted garbage collection by means of 
rewrite rules with priorities is more complicated than the description of full 
garbage collection by means of rewrite rules with priorities. 

The operators eff s \ U eff s \ =t , eff s \=*, eff s f \ =u e/f s A= „, eff s \ =t f, eff s \y, 

effs\\=t> e ffs\\=*> e# s ./\\=t ; eff a .f\\=* and e ffs\\=t.f are described using auxil- 
iary operators disp a and clr a (a G AtObj). We mention that in disp a (L, L'): 

— L © L' is the data linkage on which safe disposal of a is carried out; 

— all atomic objects found in L are already known not to be involved in the 
safe disposal of a; 

— links and value associations are moved from L' to L in stages as follows: 

• first, all links and value associations that make up the reachable part of 
L © V are moved from L' to L, 

• next, all links to a and value associations with a are moved from L' to 
L if a is found in L, 

• finally, all links and value associations in which a is not involved are 
moved from L' to L; 

— if all atomic objects found in L' are involved in the safe disposal of a, then 
L is the result of safe disposal of a on L © L' . 

We mention that clr a (L) removes spot links to a from L and and replaces field 
links to a by partial field links. Carrying out safe disposal of a on clr a (L) amounts 
to the same thing as removing all links and value associations in which a is 
involved from L, i.e. carrying out unsafe disposal of a on L. 

DLD roc i is DLD extended with the reclamation features introduced above. 
The priority rewrite system of DLD roc i consists of the rewrite rules of DLD and 
the rewrite rules given in Tables 3, 4 and 5. Each of the rewrite rules of DLD 
is incomparable with each of the additional rewrite rules. Moreover, additional 
rewrite rules in different tables are incomparable. 

For DLD rcc i, the set of effect terms and the set of yield terms can be defined 
like for DLD. Theorem 2 and Proposition 1 go through for DLD roc i. Moreover, 
the enablcdness of rewrite rules for the auxiliary operators can be characterized 
like for the effect and yield operators. This means that the one-step reduction 
relation modulo AC1 determined by the priority rewrite system for DLD rec i is 
dccidable as well. 

In the following examples concerning the reclamation features introduced 
above, we take the set {n \ n £ {0, . . . , 9}} for AtObj. 

Example 1. We consider a data linkage in which 2 and 3 occur as unreachable 
atomic objects: 

(^0)ffi(0^1)ffi(2^3)ffi(3^2) . 
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We use the rewrite rules for full garbage collection to obtain the following picture 
of its application to this data linkage: 

eff fgc ((A 0) © (2 ^ I) © (2 ^ 3) ffi (3 A 2)) - xol 

/ ac (0, (Ao) ® (o A i) e (2 A 3) © (3 ^ 2)) - xol 
M(A o), (0 A 1) e (2 A 3) © (3 A 2)) - xol 
M(A 0) © (0 A i), (2 A 3) e (3 a 2)) - xol 
(Ao)e(o^i) . 

We use the rewrite rules for restricted garbage collection to obtain the following 
picture of its application to the same data linkage: 

ejM^Q) © (0 ^ 1) (2 A 3) ffi (3 A 2)) ^ AC1 

^(0, (Ao) ® (0 A 1) ® (2 A 3) ® (3 A- 2)) ^ AC1 

rpc((A0), (0 A 1) ffi (2 A 3) ffi (3 A 2)) -> AC i 
rgc(( A 0) ffi (0 A 1), (2 A 3) ffi (3 A 2)) ^ AC1 
f»c(( A 0) © (0 A 1) © (3 A" 2), (2 A 3)) ^ AC1 
H?c((A 0) ffi (0 A 1) ffi (3 A" 2) ffi (2 A 3), 0) -> A01 
(AO) ffi (0_Al) ffi (3 ^ 2) ffi (2 A3) . 

The effect of restricted garbage collection is different because it does not reclaim 
atomic objects that occur in a cycle. 

Example 2. We consider a data linkage in which atomic object is reachable in 
different ways: 

(AO) ffi (AO) ffi (0_Al) ffi (A 2) ffi (2 A3) . 

We use the rewrite rules for set spot with safe disposal to obtain the following 
picture of its application to this data linkage: 

^ sW ((A0) ffi (AO) ffi (0 A 1) ffi (A2) ffi (2 A 3)) ^ AC1 
<f"Po(0, eff s=t ((A0) ffi (AO) ffi (OA 1) ffi (A 2) ffi (2 A3))) ^ AC1 
dispell), (AO) ffi (A 2) ffi (OA 1) e (A 2) ffi (2 A3)) ^ AC1 
oM^O), (A 2) ffi (0 A 1) ffi (A 2) ffi (2 A3)) ^ AC1 
5o((^2)ffi(A2),(oAl)e(A2)ffi(2 A3))^ AC1 
Bo((^Q) ffi (A 2) ffi (0 A 1), (A 2) ffi (2 A3)) -> AC1 
dispM A 0) ffi (A 2) ffi (0 A l) ffi (A 2), (2 A 3)) 
dispM^O) ffi (A 2) ffi (0 A 1) ffi (A 2) ffi (2 A 3), 0) 
(AO) ffi (A 2) ffi (0 A 1) ffi (A 2) ffi (2 A3) . 

We use the rewrite rules for set spot with unsafe disposal to obtain the following 
picture of its application to the same data linkage: 



* A C1 

* A C1 
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effs\\=t ((- 0) ffi ( A 0) ffi (0 ^ 1) © (A 2) ffi (2 ^ 3)) _> AC1 

d lS po(0, c/r tt (e#, =t ((A0) © (AO) © (0^1) © (A 2) ffi (2^3)))) ^ AC1 

disp {1 {%, c/r a ((AO) ffi (A 2) ffi (0^1) ffi (A 2) ffi (2^3))) ^ AC1 

dispo(0> c/r a ((A 2) © (0 ^ 1) ffi (A 2) ffi (2 ^ 3))) ^ AC1 

<fop fl (0, clro((^2) ffi (Q ^ 1) ffi (A 2)) ffi (2 ^ 3)) ^ AC1 

dwp a (0> c/r a ((A 2) ffi (0 ^ 1)) ® (A 2) ffi (2 ^ 3)) ^ AC1 

dispo(0, *o(^2) ffi (0 A 1) ® (A 2) ffi (2 ^ 3)) -> AC1 

dwp a (0, (A 2) ffi (0 A 1) ffi (A 2) ffi (2 A3)) ^ AC1 

dispM^Z), (Q A 1) ® (A 2) ffi (2 A 3)) ^ AC1 

dwPo(( A 2) ffi (A 2), (0 A 1) ffi (2 A 3)) ^ AC1 

dispM^2) ffi ( A 2) ffi (2 A 3), (0 A 1)) ^ AC1 

(A2)ffi(A2)ffi(2 A3) . 

The effect of set spot with unsafe disposal is different because it reclaims an 
atomic object irrespective of its reachability. 



6 Basic Thread Algebra 

In this section, we review BTA (Basic Thread Algebra), a form of process algebra 
which is tailored to the description of the behaviour of deterministic sequential 
programs under execution. The behaviours concerned are called threads. 

In BTA, it is assumed that a fixed but arbitrary finite set A of basic actions, 
with tau A, has been given. We write At 3U for Ali {tau}. The members of A tau 
are referred to as actions. 

The intuition is that each basic action performed by a thread is taken as a 
command to be processed by some service provided by an execution environ- 
ment. The processing of a command may involve a change of state of the service 
concerned. At completion of the processing of the command, the service pro- 
duces a reply value. This reply is either T or F and is returned to the thread 
concerned. 

Although BTA is one-sorted, we make this sort explicit. The reason for this 
is that we will extend BTA with an additional sort in Section 7. 

The algebraic theory BTA has one sort: the sort T of threads. To build terms 
of sort T, BTA has the following constants and operators: 

— the deadlock constant D : T; 

— the termination constant S : T; 

— for each a S _4, tau , the binary postconditional composition operator _ < a > _ : 
TxT^T. 

Terms of sort T are built as usual (see e.g. [28,30]). Throughout the paper, we 
assume that there are infinitely many variables of sort T, including x,y, z. 

We use infix notation for postconditional composition. We introduce action 
prefixing as an abbreviation: aop, where p is a term of sort T, abbreviates 
p < a > p. 
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Table 6. Axiom of BTA 



x < tau > y = x < tau > x Tl 



Let p and g be closed terms of sort T and a E -4tau- Then p < a> g will 
perform action a, and after that proceed as p if the processing of a leads to the 
reply T (called a positive reply), and proceed as q if the processing of a leads 
to the reply F (called a negative reply). The action tau plays a special role. It 
is a concrete internal action: performing tau will never lead to a state change 
and always lead to a positive reply, but notwithstanding all that its presence 
matters. 

BTA has only one axiom. This axiom is given in Tabic 6. Using the abbrevia- 
tion introduced above, axiom Tl can be written as follows: x < tau > y = tau o x. 

Each closed BTA term of sort T denotes a finite thread, i.e. a thread of which 
the length of the sequences of actions that it can perform is bounded. Guarded 
recursive specifications give rise to infinite threads. 

A guarded recursive specification over BTA is a set of recursion equations 
E = {X = px ley}, where V is a set of variables of sort T and each px is a 
term of the form D, S 01 p<a\>q with p and g BTA terms of sort T that contain 
only variables from V. We are only interested in models of BTA in which guarded 
recursive specifications have unique solutions, such as the projective limit model 
of BTA presented in [3]. 

7 The Use Mechanism 

A thread may perform an action for the purpose of interacting with a service 
that takes the action as a command to be processed. The processing of an action 
may involve a change of state of the service and at completion of the processing 
of the action the service returns a reply value to the thread. In this section, we 
introduce the use mechanism, which is concerned with this kind of interaction 
between threads and services. 

It is assumed that a fixed but arbitrary finite set T of foci and a fixed but 
arbitrary finite set A4 of methods have been given. Each focus plays the role 
of a name of some service provided by an execution environment that can be 
requested to process a command. Each method plays the role of a command 
proper. For the set A of actions, we take the set {/.to \ f E T ,m E M}. 
Performing an action /.to is taken as making a request to the service named / 
to process command to. 

A service H consists of 

— a set S of states; 

— an effect function eff : M x S — > S; 

— a yield function yld : M. x S — > {T, F, B}; 

— an initial state sq E S; 
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Table 7. Axioms for use operators 



S/ f H = S 
D/ f H=D 
(tau ox) I ' f H = tau 
(x<g.mt>y) / f H -- 
(x < f.m >y)/fH-- 
(x < f.m >v)/ f H-- 
(x < f.m > y) / f H = 



satisfying the following condition: 

3s e S • Vra e M • 

(j/ta(m, s) = B A W e S • (yld(m, s') = B eff(m, s') = s)) . 

The set S contains the states in which the service may be, and the functions eff 
and yld give, for each method m and state s, the state and reply, respectively, 
that result from processing m in state s. 

Given a service H = (S, eff, yld, sq) and a method m G M: 

— the derived service of Zf after processing m, written -j^H, is the service 
{S,eff,yld,eff(m,s Q )); 

— the repfa/ of H after processing m, written H(m), is yld(m, s ). 

A service ff can be understood as follows: 

— if a thread makes a request to the service to process m and H(m) ^ B, then 
the request is accepted, the reply is H{m), and the service proceeds as 

— if a thread makes a request to the service to process m and H(m) = B, then 
the request is rejected. 

By the condition on services, after a request has been rejected by the service, it 
gets into a state in which any request will be rejected. 

We introduce yet another sort: the sort S of services. However, we will not 
introduce constants and operators to build terms of this sort. We introduce the 
following additional operators: 

— for each / € T, the binary use operator _/y_:Tx S^T. 

We use infix notation for the use operators. 

Intuitively, p / / H is the thread that results from processing all actions per- 
formed by thread p that are of the form f.m by service H. When an action of 
the form f.m performed by thread p is processed by service H, that action is 
turned into the internal action tau and postconditional composition is removed 
in favour of action prefixing on the basis of the reply value produced. 

The axioms for the use operators are given in Table 7. In this table, / and 
g stand for arbitrary foci from T, m stands for an arbitrary method from M, 



TSUI 
TSU2 

o (a; // H) TSU3 
= (x/fH)<g. m >(y/ f H) if f^g TSU4 
= tau o (x Is S^H) if H{m) = T TSU5 

= tauo(y/ / Jlh) if H(m) = F TSU6 

= D if H(m) = B TSU7 
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and H is a variable of sort S. Axioms TSU3 and TSU4 express that the action 
tau and actions of the form g.m, where / ^ g, are not processed. Axioms TSU5 
and TSU6 express that a thread is affected by a service as described above when 
an action of the form f.m performed by the thread is processed by the service. 
Axiom TSU7 expresses that deadlock takes place when an action to be processed 
is not accepted. 

Henceforth, we write BTA USC for BTA, taking the set {f.m | / G T, m G A4} 
for A, extended with the use operators and the axioms from Table 7. 

In [7], a use mechanism is introduced where services are considered reply 
functions, i.e. functions from the set of all non-empty finite sequences over M 
to the set {T, F, B}. Each service as defined above determines a reply function 
(cf. [6,8]). Moreover, each reply function determines a service as defined above 
that has the set of all finite sequences over M as its set of states and in its turn 
determines the reply function concerned. 

8 Thread Algebra and Data Linkage Dynamics Combined 

The state changes and replies that result from performing the actions of data 
linkage dynamics can be achieved by means of services. In this section, we ex- 
plain how basic thread algebra can be combined with data linkage dynamics by 
means of the use mechanism such that the whole can be used for studying issues 
concerning the use of dynamic data structures in programming. 

Recall that we write VC for the set of elements of the initial model of DLA, 
and recall that, for each a G ^4dlD) eff a & n d yld a stand for unary operations 
on VC that give, for each L G VC, the state and reply, respectively, that result 
from performing basic action a in state L. It is assumed that a blocking state 
t ^ VC has been given. 

Take M such that ^dld C M. Moreover, let L G VC U {]}. Then the data 
linkage dynamics service with initial state L, written VCV(L), is the service 
(VC U {T}, eff , yld, L), where the functions eff and yld are defined as follows: 

eff (m, L) = eff m (L) if m G A DLD , yld(m, L) = yld m (L) if m G A DLD , 
eff(m, L) = | if m £ ^4 D ld , yld(m, L) = B if m ^dld , 

eff(m, T) = T , yld(m, T) = B . 

By means of threads and the data linkage dynamics services introduced 
above, we can give a precise picture of computations in which dynamic data 
structures are involved. 

In the following examples concerning computations of threads, we take the 
set {n | n G {0, . . . , 9}} for AtObj. Moreover, we take the choice function ch such 
that ch(A) = n iff n G A and there does not exist an n' < n such that n/_ G A. In 
order to represent computations, we use the binary relation ^> on closed terms 
of BTA use defined by p ^> q iff p = tau o q. Thus, p ^ q indicates that p can 
perform a concrete internal action and then proceed as q. Moreover, for each 
method a G Adld, we write (a) instead of did. a. 
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Example 3. We consider a simple thread in which non- value-related basic actions 
of DLD occur: 

(r !) o (t !) o (r/ «p) o (t/ dn) o (r.wp = f)o(i.dn = r)o(( = *)oS . 

We use the rewrite rules of DLD and axiom TSU5 of the use mechanism to 
obtain the following picture of the computation of this thread in the case where 
the initial state is the empty data linkage: 

((r !) o (t !) o (rj up) o (t/ dn) o (r.up = t) o (t.dn = r) o (t = *) o S) /did 
VCD(%) *A 

((t !) o (r/up) o (tj dn) o {r.up = t) o (t.dn = r) o (t = *) o S)/did 
VCV(^Q) 5¥ 

((r/up) o (t/ dn) o (r.wp = t) o (t.dn = r) o (t = *) o S) /did 

X>£D((A0)©(Al)) 
((£/ dn) o (r.wp = t) o (t.dn = r) o (t = *) o S) /did 

MD((^0)©(^l)ffi(05)) 'A 
((r.wp = t) o (t.dn = r) o (f = *) o S) /did 

2?;C2?((Ao) © (A 1) © (0 A) © (1 A 1 )) 1 a 
((t.dn = r) o(t = *) oS)/ d id 

D£X>((A0) © (A 1) © (0 A 1) © (1 A 1 )) l A 
((t = *) o S)/ d ld 

P££>((Ao)©(Al)©(0 Al)©(l Ao)) A 
S /did P£D((A 0) © (0 23 1) © (1 A 1 0)) . 

Example 4- We consider a simple thread in which value-related basic actions of 
DLD occur: 

(u <= — u)o(s <= t + u) o (u < = - m)oS . 

This is a thread for calculating the difference of two values as described at the 
end of Section 3. We use the rewrite rules of DLD and axiom TSU5 of the use 
mechanism to obtain the following picture of a computation of this thread: 

((u <= — u) o (s <= t + u) o (u <= —u)o S) /did 

VCV((^0) © (A 1) © (1) 7 © (A 2) © (2) 3 ) A 
((s <= t + u)o (u <= - u)o S)/ d id 

VCV((^0) © (A 1) © (1) 7 © (A 2) © (2)_ 3 ) 'A 
((« <= -u)o S)/did 

2?£2?((Ao) © (0) 4 © (A 1) © (1) 7 © (A 2) © (2)_ 3 ) 'A 
S /did KD((A0) © (0) 4 © (A l) © (1) 7 © (A 2) © (2) 3 ) . 

These examples show that DLA provides a notation that enables us to get a 
clear picture of the successive states of a computation. 

A hierarchy of program notations rooted in PGA is presented in [5]. Included 
in this hierarchy are very simple program notations which are close to existing 
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assembly languages up to and including simple program notations that support 
structured programming by offering a rendering of conditional and loop con- 
structs. In [5], threads that are definable by finite guarded recursive specifications 
over BTA are taken as the behaviours of PGA programs. The combination of 
basic thread algebra and data linkage dynamics by means of the use mechanism 
can be used for studying issues concerning the use of dynamic data structures 
in programming at the level of program behaviours. Together with one of the 
program notations rooted in PGA, this combination can be used for studying 
issues concerning the use of dynamic data structures in programming at the level 
of programs. 

We mention one such issue. In general terms, the issue is whether we can do 
without automatic garbage collection by program transformation at the price of 
a linear increase of the number of available atomic objects. Below we phrase this 
issue more precisely for PGLD, but it can be studied using any other program 
notation rooted in PGA as well. PGLD is close to existing assembly languages 
and has absolute jump instructions. 

Let PGLDdid be an instance of PGLD in which all basic actions of DLD are 
available as basic instructions. For each program P from PGLD d | d , we write \P\ 
for the thread that is the behaviour of P according to [5]. Let DLD afgc be the 
variation of DLD in which all basic actions of the form s ! are treated as if they 
are preceded by fgc and let, for each L G T>£, T>CD a f gc (L) be the corresponding 
data linkage dynamics service with initial state L. Data linkage dynamics services 
have the cardinality of the set AtObj of atomic objects as parameter. We write 
DLD"(L) and DLD" f (L) to indicate that the actual cardinality is n. The above- 
mentioned issue can now be phrased as follows: for which natural numbers c and 
c' does there exist a program transformation that transforms each program P 
from PGLDdid to a program Q from PGLDdid such that, for all natural numbers 
n, \P\ /did VCV: fgc (9) = \Q\ /did VCD c n+c ' (0)? 

9 Another Description of Data Linkage Dynamics 

In this section, we describe the state changes and replies that result from per- 
forming the basic actions of DLD in the world of sets. This alternative description 
is a widening of the description of the state changes and replies that result from 
performing the actions of molecular dynamics that was given in [8]. In Section 10, 
we will show that the alternative description agrees with the description based 
on data linkage algebra. 

We define sets SS, ASi, AS 2 and VCR as follows: 

SS = Spot -» (AtObj U {_!_}) , 

AS, = U AeV{At0hj) (A - U FeV(FlM) (F - (AtObj U {J-}))) , 
AS 2 = [J AenAt0bj) (A - (Value U {_!_})) , 
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VCR = {(a, C, € SS x AS! x AS 2 \ 

dom(C) = dom(£) A rng(cr) C dom(C) U {_L} A 
Va G dom(C) • rng(C(a)) C dom(C) U {±}} . 

The elements of VCR can be considered representations of deterministic 
data linkages. Let (cr, £ VCR, let s G Spot, let a G dom(£), and let 
/ G dom(C(a)). Then a(s) is the content of spot s if <r(s) 7^ _L, / is a field of 
atomic object a, C( a )(/) is the content of field / of atomic object a if ((a)(f) 7^ -L, 
and £(a) is the value assigned to atomic object a if £(a) 7^ _L. The content of 
spot s is undefined if cr(s) = _L, the content of field / of atomic object a is 
undefined if C( a )(/) = -L, and the value assigned to atomic object a is undefined 
if £(a) = _L. Notice that dom(£) is taken for the set of all atomic objects that 
are in use. Therefore, the content of each spot, i.e. each element of rng(er), must 
be in dom(£) if the content is defined and, for each atomic object a that is in 
use, the content of each of its fields, i.e. each element of rng(C(a)), must be in 
dom(C) if the content is defined. 

The effect and yield operations on VC are modelled by the effect and yield 
operations on VCR that are defined in Table 8. 3 In these tables, def°(s) abbre- 
viates <t(s) ^ _L and def^(s) abbreviates <r(s) ^ _L A £{<r{s)) ^ _L. 

10 Correctness of the Alternative Description 

In this section, we show that the description of the state changes and replies 
that result from performing the basic actions of DLD given in Section 9 agrees 
with the one given in Section 4, provided only deterministic data linkages are 
considered. In the case where data linkages are taken for states, the effect op- 
erations preserve determinism. This means that non-deterministic data linkages 
are not relevant to DLD if only deterministic data linkages are allowed as initial 
state. 

The step from deterministic data linkages to the concrete states introduced 
in Section 9 is an instance of a data refinement: 

- the concrete states are considered representations of deterministic data link- 
ages; 

- the effect and yield operations on deterministic data linkages are modelled 
by the effect and yield operations on the concrete states. 

This data refinement is correct in the sense that: 

- there is a representation of each deterministic data linkage; 

3 We use the following notation for functions: [] for the empty function; [e e'] for 
the function / with dom(/) = {e} such that /(e) = e'; / \ g for the function h with 
dom(/i) = dom(/) U dom(g) such that for all e G dom(ft), h(e) — /(e) if e dom(g) 
and h(e) — g(e) otherwise; f < S for the function g with dom((/) = S such that for 
all e G dom(gr), g(e) = /(e); and / <9 S for the function g with dom(g) = dom(/) \ S 
such that for all e G dom(p), g(e) — /(e). 
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Table 8. Definition of effect and yield operations 



(a f [s h-> c/»(AtObj \ dom(C))], 
Ct[cA(AtObj\dom(C))^[]], 

£ f [ch(AtObj \ dom(C)) <->■ _L]) if dom(C) C AtObj 

eff's ! C = (ff, C, if dom(C) = AtObj 

cjB F U.(ff,C,0 = (fft[*--L],C,0 

e J e r u= t (^,co = (^co 
e .r s= =>,co = (^co 
cr.//(ff,c,o = 

(a, C t [<r(«) - CM*)) t [/ - ±]],0 if def° («) A / dam(C(«r(«))) 

cr.//(ff,C,0 = (ff.C,0 if - (def°( S )A/0dom(C(a( S )))) 

cr.\/(ff,c,o = 

(a, C t - CM*)) « {/}], if def° (*) A / G dom(CM*))) 

c#'.\/(ff,C,0 = (ff.C,0 if -(def°( S )A/Gdom(C(a( S )))) 
cjB F '.|/(ff,C,0 = (ff»C,0 
eff^^CO = 

(a, C t M*) - CM*)) t [/ - *(*)]]> if def°(s) A / £ dom(CM*))) 

ejT../=«MC,0 = MC,0 if -(def°( S )A/Gdom(C(a( S )))) 
cr../=.(ff,C,0 = 

(a, C t M*) -» CM*)) t [/ - ■!■]], if def° (*) A / G dom(CM*))) 

cjB F '../=.(ff,C,0 = (ff.C,0 if - (def°( S )A/Gdom(C(a( S )))) 
e#U./(^CO = 

(a t [s ^ C(o-(*))(/)],C, if de£(t) A / G dom(C(a(t))) 

e#U./(^CO = (^CO if - (dcf°(t)A/Gdom(C(a(t)))) 

c#'. <=0 (<7,C,0 = MC£ t M*) - 0]) if def°(s) 

e J e r ;<=o(^co = (^co if -.desw 

cjB F '.<=i(ff,C,0 = MC£t M*) - 1]) if def°(s) 

e J e r ;<=i(^co = (^co if -.desw 

effU^+^C^CO = 

(a, C, £ t M*) ~ + CM"))]) if def° (s) A def^(i) A def^(u) 

ejfi F '.<=«+>,C,0 = (<r,C0 if -(def°(s) Adef^(t) Adef^(«)) 

cr.<=t.„(ff,c,o = 

(a, C, 5 t M*) - CM*)) ■ £M«))]) if def° (*) A defj^t) A def^(u) 

eff' s<=t . u (T, C = C if - (def° (*) A de£;, € (t) A def^(u)) 
eff' s<= - t (vX,0 = 

(a, C, ? t M*) - -£M*))D if def° (s) A defj^t) 

ejr.<=-t(">C,0 = (".CO if -(def°( S ) Adef^(t)) 

cr.<=i/t(ff.c,o = 

(a, C, 5 t M*) - e(ff(*)) -1 ]) if def° (a) A defj, £ (t) 

e.r.<=i/tMCO = MCO if -n(defS( 8 )Adef^(t)) 
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Table 8. (Continued) 



eff'. 


=7t (ff,C,0 = (ff,C,0 




eff[. 


=?.(*, CO = (*, CO 




yld' 


i («t,C,0 = t 


if dom(C) C AtObj 


yld[ 


.(«r,C,0 = F 


if dom(C) = AtObj 


yld' 


=( (<7,C,0 = T 




yld' 


=>,C,0 = t 




yld' 


==t (ff,C,0 = T 


if cr(s) = 


yld' 


==t (ff,C,0 = F 


if cr(s) / 


yld' 


== >,C,0=T 


if -. def°(s) 


yld' 


== >,C,0 = F 


if def°(s) 


yld[ 


// (a,C,0=T 


if def°( S )A/^dom(C(a( S ))) 


yld' 


//(ff,C,0 = F 


if - (dcf°( S )A/0dom(C(a( S )))) 


yld' 


\,(ff,C,0=T 


if def°(s)A/Gdom(C(cr(s))) 


yld[ 


\,(ff,C,0 = F 


if - (def°( S )A/edom(C(a( S )))) 


yld' 


|,(«T,C,0=T 


if def°(s)A/Gdom(C(a( S ))) 


yld' 


|,(«T,C,0 = F 


if - (def°( S )A/Gdom«(a( S )))) 


yld' 


. /=t («T,C,0 = T 


if def°( S )A/Gdom(C(a( S ))) 


yld[ 


. /=t (ff,C,0 = F 


if - (dcf°( S )A/Gdom(C(a( S )))) 


yld' 


. /= ,(«7,C,0 = T 


if def°(s)A/Gdom(C(cr(s))) 


yld' 


. /= „(<7,C,0 = F 


if ^(def°( S )A/Gdom(C(a( S )))) 


yld' 


=t . / (a,C,C) = T 


if def°(t)A/Gdom(C(a(t))) 


yld' 


=t . / (a,C,C) = F 


if -.(defS(t)A/edom(CKt)))) 


yld[ 


<=0 (a,C,C) = T 


if def°(s) 


yld' 


<=0 (a,C,C) = F 


if - def°(s) 


yld[ 


<=1 (a,C,C) = T 


if def°(s) 


yld[ 


<=1 (a,C,C) = F 


if -. def°(s) 


yld' 


<=t+u («T,C,0=T 


if def° (s) A def^(t) A def^(u) 


yld[ 


<=t+«(ff>CO = F 


if -(def°(s)Adef^(t)Adef^( M )) 


yld' 


<=t .>,CO=T 


if def° (s) A defj i£ (t) A def^(u) 


yld' 


<=t .>,CO = F 


if -. (def° (s) A de{^(t) A dei^u)) 


yld' 


<= _ t (a,C,C) = T 


if def°(s) Adef£ i£ (*) 


yld[ 


<= _ t (a,C,C) = F 


if -(def°(s) A dtf; ie (t)) 


yld[ 


<=1/t (cr,C,0 = T 


if def°(s) Adef^(t) 


yld[ 


<=1/t (a,C,C) = F 


if -(def°( S )Adef;, £ (t)) 


yld' 


=?t (a,C,C)=T 


if def° (s) A def° (t) A = £(*(*)) 


yld' 


=?>,CO = F 


if - (dcf° ( S ) A def° (t) A £(*(«)) = 


yld[ 


=?>,CO=T 


if def^(s) A -i def^ >£ (s) 


yld' 


=? >,C,0 = F 


if -i (def£(s) A -i defj j£ (s)) 
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— for each a G ^dld , for each deterministic data linkage, the result of applying 
eff' a to the representation of that data linkage is the representation of the 
result of applying eff a to that data linkage; 

— for each a G A^ld , for each deterministic data linkage, the result of applying 
yld' a to the representation of that data linkage is the result of applying yld a 
to that data linkage. 

Correctness in this sense agrees with the notion of correctness for data refine- 
ments as used in, for example, the software development method VDM [19]. 
Following the terminology of VDM, the three aspects of correctness might be 
called representation adequacy, action effect modelling and action reply mod- 
elling. 

For the purpose of stating the above-mentioned correctness rigorously, we 
introduce a retrieve function that relates the concrete states to deterministic 
data linkages: 

retr(<r, = 

©aedom(C)(©/e{/'edom(C(a))|C(a)(/') = ±}( a ^)) ® 
aedom(C)(©/e{/'edom(C(a))|C(a)(/')#i} 

(a^C(«)(/)))e 

©ae{a'edom(£)|£(a')#±}( a )?( a ) ' 

This function can be thought of as regaining the abstract deterministic data 
linkages from their concrete representations by means of functions. 

The correctness of the step from deterministic data linkages to the concrete 
states is stated rigorously in the following theorem. 

Theorem 3 (Correctness). VC and the effect and yield operations on VC are 
related to VCR and the effect and yield operations on VCR as follows: 

1. for all L G VC that are deterministic, there exists a (ct, C, £) G VCR such 
that: 

L = retr(a, C, ; 

2. for all a G ^dld, for all (a, C, G VCR: 

retr(eff' a (a,C,0) = eff a (retr(a,C,0) , 
yld' a (o-,C,(.) = yld a (retr(a,(,t)) ■ 

Proof. This is straightforwardly proved by case distinction on the basic action 
a using elementary laws for f and <3. The following facts about the connection 

4 We write ® ieI Di, where J is a finite set and Di is a DLD term for each i G 1, 
for a term D il © ... © D in such that X = {ii, . . . ,i n } (all such terms are equal by 
associativity and commutativity of ©). The convention is that ® ieI Di stands for 
if 1 = 0. 
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between deterministic data linkages and their representations are useful in the 
proof: 

retr(a \ [s ^ a], £ f ) = retr(a, £ © (A a) , 

retr(a, C t [a C(o) t [/ ^ J-]], - re*r(a, C, © (a X) , 

retr(<7, C t [a - C(«) t [/ - &]], = re*r(a, C, ® (« ^ &) . 
re£r(cr, £ £ f [a •-»• n]) = retr(<r, £ £) © (a)„ . 

They follow from the definition of retr and elementary laws for f. □ 

11 Another Description of Garbage Reclamation 

In this section, we describe of the state changes and replies that result from 
performing the reclamation-related actions of data linkage dynamics in the world 
of sets. Like the effect and yield operations for reclamation on DC, the effect and 
yield operations for reclamation on VCTZ are defined using auxiliary functions. 

The auxiliary functions reach : 55 x AS\ — ► 'P(AtObj) and incycle : ASi — > 
'P(AtObj) are defined as follows: 

reach{a,() = lUrng(<x) reach(a,Q , 

incycle{C) = {a e dom(£ | 3a' G rng(£a)) • a G reach (a' , £)} , 
where reach(a 1 £) C AtObj is inductively defined by the following rules: 

— a G reach(a, Q; 

— if a' G reach(a,() and a" G rng(£a')), then a" G reach(a,()- 

The auxiliary functions srf, : AtObj x VCTZ — > D£7\L arc defined as follows: 

sd(a, (cr, £ 0) = ( CT > C ^ W; £ *3 { fl }) if a ^ reach(a, £ , 
sd(a, (cr, C, 0) = C, 'f a G reach(a, () , 

ud(a, (cr, C, 0) = sc K a > (cir s (a, cr), dr f (a, £, 0) . 

where clr s : AtObj x 55 — > 55 and c/r f : AtObj x 45i — > ,45i are defined as 
follows: 

clr s (a, cr)(s) = cr(s) if cr(s) 7^ a , 
clr s (a,a)(s) = _L if cr(s) = a , 

c/r f (a,C)(a')(/) = C(a / )(/) if C(«')(/) ^ « , 
clr f (a,0(a')(f) = ± if C(a')(/) = . 

The effect and yield operations for reclamation on Z}C7^ are defined in Table 9. 

Theorem 3 goes through for DLD rec i. The additional cases to be considered 
involve proofs by induction over the definition of reach(a, £ for appropriate a 
and £ 
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Table 9. Definition of effect and yield operations for reclamation 



eff f g c(°". C C) = (ff. C < reach(cr, C), £ < reach(cr, <)) 

eff' Tgc (a, £, £) = (cr, £ < (reach(a, £) U mcycle(Q), £ < (reach(a, f ) U incycle(())) 

eff' ay X*X,0 = sd(*(s),eff' s ,Xa,t,0) 

eff' A=t (a,CO = «d(<T(«),e#U(ff,C,0) 

c#'.\=.(ff, C, = **(*(*), e#U C, 0) 

er../\=t(^C,0 = »d(C(ff (*))(/), c#'../=t(ff, CO) 

er.. A =,(ff,C,0 = »d(CW*))(/),e J r../=>,C,0) 

c#'.\=t./(ff,c,o = sd(«T(«),cr.=t./(«T,c,o) 

eff' s \\=t(<7, C = «d(«r(«), c#U(ff, C 0) 

eff' s \\=M c o = «d(«r(«), cr.=.(ff, c o) 
c#'.. A \=t(ff, c e) = w(c(a( s ))(/), cjBF'.. /=t (ff, c, o) 

cjfl F '.. A \ = ,(ff,C,0 = «d(CK*))(/),cjflf'.. /= .(ff,C,0) 
c#'. u=t . / (<T,c,0 = ud(ff(«),c#'. = t. / (ff,c,0) 

yW'.vfaCO = CO 
yW'. N=t (<7,C,0 = V«U(*>C0 
yJ<C\=>>C,0 = w«UfaC,0 
yid' s . A=t (<r,<;,ti) = yid' s . f=t (<r,C0 
y^' s . A =«(<7,C0 = y^' s ./=*(o-,C0 
yid' s \=t.f(v,CQ = yid' s =t.f(vX,Q 
y«'.\ V (*,C,0 = »«'..(*> £0 
yW'. NN=t («T > C,0 = »«U(ff.C.O 
yZ<W = >,C0 = CO 

yW , .. AX=t («T > C,0 = w« , ../=t( ff .C.O 
yid' s .f\\=*(^C,0 = yW s ./=»(ff,C0 

y ld ' s \\=t.f(°X,0 = y ld ' s =t.f(°X,0 



12 Conclusions 

We have presented an algebra of which the elements arc intended for modelling 
the states of computations in which dynamic data structures are involved. We 
have also presented a simple model of computation in which states of computa- 
tions are modelled as elements of this algebra and state changes take place by 
means of certain actions. We have described the state changes and replies that 
result from performing those actions by means of a term rewrite system with 
rule priorities. 

We followed a rather fundamental approach. Instead of developing the model 
of computation on top of an existing theory or model, we started from first 
principles by giving an elementary algebraic specification [13] of the states of 
computations in which dynamic data structures are involved. We found out that 
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term rewriting with priorities is a convenient technique to describe the dynamic 
aspects of the model. In particular, we managed to give a clear idea of the 
features related to reclamation of garbage. 

We believe that the description of the dynamic aspects of the presented model 
of computation is rather sizable because of the start from first principles. This is 
substantiated by the size of the alternative description in the world of sets that 
we have given in this paper as well. We also believe that the use of conditional 
term rewriting [4] instead of priority rewriting would give rise to a less compact 
description. 

The presented model of computation and its description are well-thought out, 
but the choices made can only be justified by applications. Together with thread 
algebra and program algebra, we hold the model of computation as described in 
this paper to be a suitable starting-point for investigations into issues concerning 
the interplay between programs and dynamic data structures, including issues 
concerning reclamation of garbage. 

In previous work on thread algebra, we identified services with reply functions 
(see e.g. [7, 9]). The reason for switching to a state-based view of services in this 
paper is twofold. Firstly, a state-based view of services fits in much better with a 
model of computation like DLD because both are concerned with states and state 
changes. Secondly, a state-based view of services looks to be more appropriate 
for the forecasting services that we need in a sequel to the work presented in 
this paper. From a state-based view of services, a forecasting service is simply 
a service of which the state changes and replies may depend on how the thread 
that performs the actions being processed will proceed. However, it is not clear 
how such services relate to reply functions. 
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